Hi,
I have a file containing various database functions that up until now has only been used (accessed) on the secure (https) part of my site. Now, I need to access it from the regular http part of the site. However, when I try to include the file in the form:
include ("https://www.mysite.com/dbfile.php")
I get the "failed to open stream" warning and then a fatal error. I am assuming that it has something to do with the include_path settings in httpd.include. However, my question is whether it is a good idea to include a secure file from a non-secure page in the first place. Is it?
Thanks.
Include secure file from non-secure page - bad or good idea?
Moderator: General Moderators
1) If that server gets hacked, then your server will be in danger too.
2) How much time does this 'include' HTTP request take? I think whatever it takes, it takes too much.
3) What if that other server fails? Does that mean that your website will be down too?
4) If someone else get this database function script, then in case of a vulnerability your website could be in danger.
Anyway, I'm not an expert, but i think this is what you should consider.
2) How much time does this 'include' HTTP request take? I think whatever it takes, it takes too much.
3) What if that other server fails? Does that mean that your website will be down too?
4) If someone else get this database function script, then in case of a vulnerability your website could be in danger.
Anyway, I'm not an expert, but i think this is what you should consider.
- aaronhall
- DevNet Resident
- Posts: 1040
- Joined: Tue Aug 13, 2002 5:10 pm
- Location: Back in Phoenix, missing the microbrews
- Contact:
If it's a local file, you would include it with its path on the hard disk:
Code: Select all
include("/path/to/dbfile.php");