call a function from a remote include() php file

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
paqman
Forum Contributor
Posts: 125
Joined: Sun Nov 14, 2004 7:41 pm
Location: Burnaby, BC, Canada

call a function from a remote include() php file

Post by paqman »

I'm trying to set up a general error reporting tool for all the websites I build which will all call a function from my main website. This way I'll only have to update the one file to make any changes. I'm trying:

Code: Select all

include('http://mysite.com/error_report.php');
report_error("9001", "0", "0", "http://thesite.com", "0");

The file error_report.php begins like this:

Code: Select all

<? function report_error($errorcode, $headertype, $messagetype, $domain, $submextra) {
...

I'm asking because the script works fine when it's included by a script in the same domain as it. When I try to include error_report.php remotely, it just tells me "Fatal error: Call to undefined function: report_error()". The file's being included; it's just not able to see the function. Any ideas?
Dale
Forum Contributor
Posts: 466
Joined: Fri Jun 21, 2002 5:57 pm
Location: Atherstone, Warks

Post by Dale »

I don't think you can use relative paths to your files (eg; http://www.foo.bar), you have to use full paths (/foo/bar/ect/).
jmut
Forum Regular
Posts: 945
Joined: Tue Jul 05, 2005 3:54 am
Location: Sofia, Bulgaria
Contact:

Post by jmut »

http://php.net/manual/en/function.include.php

You need allow_url_fopen option enabled.
But in long term I really thing this is bad idea.
I would suggest you have some class that does the job for you...and whenever new version of the class pops up
you just synchronize to needed systems. Much easier to test/debug in my opinion.
Generally allow_url_fopen enabled is considered security risk. You should be very very strict not to allow attacker using it in a bad way.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

Does http://mysite.com/ itself parse and execute php scripts?
Then your including script only gets the output of error_report.php, not the source code.
User avatar
paqman
Forum Contributor
Posts: 125
Joined: Sun Nov 14, 2004 7:41 pm
Location: Burnaby, BC, Canada

Post by paqman »

ahhhhhhhhh that makes sense - it's parsing the code itself, then returning nothing... Sorry I didn't realize that earlier. Would a file opening/reading function import the code? Or should I just listen to jmut and avoid the possibility of attacks?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Nothing you can do on the requesting server will fetch the code without the help of the remote server. Just don't do it.
Post Reply