Who referred to for include/require files ?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Who referred to for include/require files ?

Post by anjanesh »

In a.php I have
include("b.php.include")

Any way to find out in b.php.include which script included me (b.php.inc)
Im not looking for $HTTP_REFERER
Thanks
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

$_SERVER['SCRIPT_NAME']
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Post by anjanesh »

In a.php I include b.php.include
In b.php.include I include c.php.include
$_SERVER['SCRIPT_NAME'] in c.php.include will give a.php
User avatar
onion2k
Jedi Mod
Posts: 5263
Joined: Tue Dec 21, 2004 5:03 pm
Location: usrlab.com

Post by onion2k »

Don't know the answer to your question, but calling files b.php.include will mean anyone accessing the file by going to http://www.example.com/b.php.include will see the source code.

(Unless you put the file outside the web root, or you configure the server to parse .include as something other than text.)
User avatar
anjanesh
DevNet Resident
Posts: 1679
Joined: Sat Dec 06, 2003 9:52 pm
Location: Mumbai, India

Post by anjanesh »

onion2k wrote:or you configure the server to parse .include as something other than text.
How do do that in Apache on a server host ? This what I tried asking in another thread ?
timvw
DevNet Master
Posts: 4897
Joined: Mon Jan 19, 2004 11:11 pm
Location: Leuven, Belgium

Post by timvw »

in each page: if(!$pages) $pages = array(); $pages[] = __FILE__;


but i really can't see a good reason why you would want that....
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

the debug backtrace should give the info too.. I don't see much point in it either really. Only thing I can see is knowing if it's being included or not, but that can be handled in other ways...

The following has worked well for me in the past

Code: Select all

// include this function into all scripts (you wish to lock)
function no_direct_access($filename)
{
	if((in_array('PATH_TRANSLATED',$_SERVER) && ($filename == $_SERVERї'PATH_TRANSLATED'])) || ($filename == realpath($_SERVERї'SCRIPT_NAME'])))
	{
		die("Direct access to this file is denied.");
	}
}

no_direct_access(__FILE__); // when in a script you wish to lock, just call this exact line, do not change __FILE__ to anything else.
Post Reply