On Fri, July 20, 2007 7:17 am, Suporte - DPRJ Sistemas wrote:
> I am returning to PHP and having some problems.
>
> Can anyone tell me if
> require_once("http://www.mydomain.com.br/includes/teste.php";) really
> do not work?
It will not work if allow_url_fopen is set to OFF in php.ini
Even if it *DOES* work, because you've got allow_url_fopen set to
"ON", it's not doing what you think it is...
It's using your own computer as an HTTP server to open up an HTTP
connection to fire up a PHP script that spits out something which is
then included as PHP source into your original PHP script.
So unless teste.php is a PHP script that spits out *more* PHP, this is
probably not what you want at all.
Here is a "Hello World" script that you could put into teste.php to
see what's going on:
<?php
echo '<?php echo "Hello World!"';
?>
Slow-motion:
Your original script runs and does:
<?php include 'http://www.mydomain.com.br/includes/teste.php';?>
This opens up a connection to your website, and requests teste.php
teste.php runs, and the above script prints out:
<?php echo "Hello World!"
This PHP code is then included into your original script.
Your original script then executes the PHP code that teste.php has
spit out, namely:
<?php echo "Hello World!"
And so, finally, it prints out:
Hello World!
This is DANGEROUS because somebody who know what you were doing could
easily (well, okay, maybe not easily, but still) hack the DNS routers
such that instead of the URL getting YOUR teste.php script, it gets
theirs.
And then your original script runs whatever code they felt like typing
on your server.
If you understand what is happening, you should be very very afraid of
doing this now.
If you're not very very afraid, re-read this until you are. :-)
> If I especify the complete path for my local server
> (/srv/www/htdocs/mysite/php/teste.php) it works fine (I did it when
> using version 4).
You can use the complete path.
Or you could figure out how PHP does include_path and set your
include_path in .htaccess or with something like
http://php.net/set_include_path
I would highly recommend that you figure out this include_path stuff
before going any farther. It makes life so much easier.
> The manual says it works but it is not working for me.
It does work.
It just doesn't do what you think... :-)
--
Some people have a "gift" link here.
Know what I want?
I want you to buy a CD from some indie artist.
http://cdbaby.com/browse/from/lynch
Yeah, I get a buck. So?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
