Jump to content

Power of pathinfo() to ensure include() placed proper


Recommended Posts

hi. the value of what i'm trying to do here is questionable, however, i believe what i will learn can be applied elsewhere in perhaps many valuable applicationsas part of the pathinfo() array out put, let's say we have the following value: Array( [dirname] => /~domain/htmlfolder/inc [basename] => dochead.inc.php [extension] => php)if you've used the good ol' ../inc/ folder in your own apps, then you know how important it is to have your relative paths staight. i'm in the habit of doing the old-school ColdFusion-esque site layout / app structure (for the HTML part) where i include my header, footer-- and basically every HTML div component-- thereby allowing me to have a very basic skeleton file for the core of the dynamic content of separate pages. oftentimes i find that i want to test a part of what might be a "header" div, or some other part of a page which, without all of the page to put together the relative paths properly, things might either not work, or just get altogether too confusion for this peabrain. my attempted solution so far is to use PHP pathinfo() to determine stuff about my file-- however, this becomes incorrect of course if the function is used when the file [the include() file] is in fact being included into the larger structure. in other words-- what may literally be a path as shown in my example above, might appear to the parser to be coming in at: [dirname] => /~domain/htmlfolder/ (instead of the absoulte, true location of [dirname] => /~domain/htmlfolder/inc so, i ask-- because i'd put money on it that someone else has already come up w/ a bit of code to do this...how might i use, perhaps a combo of str_replace() and pathinfo() [or some other concoction of code] to stick inside of my include files (something like in pathinfo() the example above) which would act as a buffer upon that include file's being loaded into the browser OUTSIDE OF the page where it's supposed to be an include -- so any code might run if i want it to appear as it's in it's proper root-directory-offset.man-- i realize this is getting way too long for this question -- but let me just say, i have a bit that i often use where i define the root-offset

e.g. define('OFFSET','inc/') include OFFSET.'somefile.inc.php';

-- just to avoid us covering that ground. maybe it's part of the ultimate solution, but as of yet, i don't have the right arrangeent of numbers and letters to give me an include which will produce no errors. the true, true ultimate goal to be a sort-of error-proofing / error-prevention tactic. maybe this is just poor coding practice? poor software engineering? assuming you can make heads or tails of what i'm talking about here-- i'm all ears for your advice, wisdom, solution, etc. thanks!!

Link to comment
Share on other sites

Things like phpBB do this. You can check the code in some of the include files, and there is an error checking piece that determines if the file had been included or accessed directly. I think they do it with session variables though. But to get around doing that, there are several constants and predefined variables you can use to determine if the file currently executing (i.e. the include file) is the filename in the request (in the address bar). If the include file is in the address bar, then you would die with an error message.One constant to use is __FILE__. This will tell you the currently executing file. If index.php includes inc.php, and inc.php has this:

echo __FILE__;

You will see that path for inc.php (not index.php). This is handy for tracking errors, along with the __LINE__ constant. I have some error handling things that use __FILE__ and __LINE__ to record the filename and line number where errors happen so that I can check on errors after-the-fact without people needing to send me error messages or things like that.So, __FILE__ can get you the path of the currently executing file. $_SERVER['SCRIPT_FILENAME'] will give you the path of the requested file. So, if you compare __FILE__ with $_SERVER['SCRIPT_FILENAME'], and they are the same, then the person typed in the address of the file into the address bar. If they are different, then the __FILE__ script was included from the $_SERVER['SCRIPT_FILENAME'] script (or included from a script that was included, etc).Try this, save this as file1.php:

<?phpecho "File 1<br>";echo __FILE__ . "<br>";echo $_SERVER['SCRIPT_FILENAME'] . "<br>";include("file2.php");?>

And save this as file2.php:

<?phpecho "<br>File 2<br>";echo __FILE__ . "<br>";echo $_SERVER['SCRIPT_FILENAME'] . "<br>";?>

Then load file1.php in the browser to see the difference.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...