Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

php security allow_url_include: use cURL() instead?

Posted on 2012-03-31
2
Medium Priority
?
828 Views
Last Modified: 2012-08-13
Hi,

I'm wondering how I would use the curl() in place of something of this code:

require_once('root.php');
require_once(ROOTFORM.'/classes/class.mysql.php');

Open in new window


where root.php is:
    define("ROOTCLASSES", "http://localhost/seokh/co_seokh/seokh/classes/form");
    define("ROOTFORM", "http://localhost/seokh/co_seokh/seokh/test/trunk/jquery/form

Open in new window

");

I receive this warning:
Warning: require_once(): http:// wrapper is disabled in the server configuration by allow_url_include=0 in /usr/local/apache/htdocs/seokh/co_seokh/seokh/test/trunk/jquery/form/saveName.php on line 3

This page says to use curl for remote file access:
http://phpsec.org/projects/phpsecinfo/tests/allow_url_include.html

Should I be using curl or something else instead of include() or require()? If so, could you give me some code samples of, perhaps, what you use?

Thank you,
Victor
0
Comment
Question by:Victor Kimura
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Accepted Solution

by:
acbxyz earned 2000 total points
ID: 37791044
require_once needs a local path, nothing starting with http://

This can be either relative (like ./path/to/class.php) or absolute (/var/www/path/to/class.php). Keep in mind windows uses backslashes while linux normal ones. The preset constant DIRECTORY_SEPARATOR has always the right one.

define('DS', DIRECTORY_SEPARATOR);
define('ROOTFORM', '..' . DS . 'jquery' . DS . 'form' . DS);

require_once(ROOTFORM . 'classes' . DS . 'class.mysql.php');
0
 
LVL 111

Expert Comment

by:Ray Paseur
ID: 37793080
I don't believe you need CURL at all.  Your script needs to include a local file, so HTTP is irrelevant.  The file is already on your server.  The real question is, "Where is your file relative to your script that needs it?"  It might be as simple as this:
require_once('/classes/class.mysql.php');

Open in new window

0

Featured Post

Understanding Web Applications

Without even knowing it, most of us are using web applications on a daily basis. Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We often confuse these web applications tools for websites.  So, what is the difference?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When crafting your “Why Us” page, there are a plethora of pitfalls to avoid. Follow these five tips, and you’ll be well on your way to creating an effective page.
This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.
The viewer will learn how to create a basic form using some HTML5 and PHP for later processing. Set up your basic HTML file. Open your form tag and set the method and action attributes.: (CODE) Set up your first few inputs one for the name and …
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question