Solved

php security allow_url_include: use cURL() instead?

Posted on 2012-03-31
2
821 Views
Last Modified: 2012-08-13
Hi,

I'm wondering how I would use the curl() in place of something of this code:

require_once('root.php');
require_once(ROOTFORM.'/classes/class.mysql.php');

Open in new window


where root.php is:
    define("ROOTCLASSES", "http://localhost/seokh/co_seokh/seokh/classes/form");
    define("ROOTFORM", "http://localhost/seokh/co_seokh/seokh/test/trunk/jquery/form

Open in new window

");

I receive this warning:
Warning: require_once(): http:// wrapper is disabled in the server configuration by allow_url_include=0 in /usr/local/apache/htdocs/seokh/co_seokh/seokh/test/trunk/jquery/form/saveName.php on line 3

This page says to use curl for remote file access:
http://phpsec.org/projects/phpsecinfo/tests/allow_url_include.html

Should I be using curl or something else instead of include() or require()? If so, could you give me some code samples of, perhaps, what you use?

Thank you,
Victor
0
Comment
Question by:Victor Kimura
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Accepted Solution

by:
acbxyz earned 500 total points
ID: 37791044
require_once needs a local path, nothing starting with http://

This can be either relative (like ./path/to/class.php) or absolute (/var/www/path/to/class.php). Keep in mind windows uses backslashes while linux normal ones. The preset constant DIRECTORY_SEPARATOR has always the right one.

define('DS', DIRECTORY_SEPARATOR);
define('ROOTFORM', '..' . DS . 'jquery' . DS . 'form' . DS);

require_once(ROOTFORM . 'classes' . DS . 'class.mysql.php');
0
 
LVL 110

Expert Comment

by:Ray Paseur
ID: 37793080
I don't believe you need CURL at all.  Your script needs to include a local file, so HTTP is irrelevant.  The file is already on your server.  The real question is, "Where is your file relative to your script that needs it?"  It might be as simple as this:
require_once('/classes/class.mysql.php');

Open in new window

0

Featured Post

The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to write a Context Sensitive Help (an online help that is obtained from a specific point in state of software to provide help with that state) ,  first we need to make the file that contains all topics, which are given exclusive IDs. …
This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question