Include from different server?

[shadowayex]

I'm building a web forum system that I want people to be able to use as an add-on to their sites. However, the way I would like to design it has landed me in a rut.I want the actual databases and code to remain on my host's server, but I want web developers to still be able to use their domain name. thus, my plan was to create copies of each page that just included the version from my server. For instance the showtopic.php page for them would just look something like:

<?php	id = $_GET['id'];	include('http://www.myforumsdomain.com/showtopic.php?id=' + id);?>

Of course, by the end of it, the code will be a little more complex, I'm sure, but that is the general idea I'm going for. Although, when I try this small scale, using one of my testing servers to try to include a file on another one (index.php, actually), I get errors.Here's the code I use:

<?php	include('http://207.177.27.218/index.php');?>

And here's the errors:

Warning: include() [function.include]: URL file-access is disabled in the server configuration in /var/www/index.php on line 2Warning: include(http://207.177.27.218/index.php) [function.include]: failed to open stream: no suitable wrapper could be found in /var/www/index.php on line 2Warning: include() [function.include]: Failed opening 'http://207.177.27.218/index.php' for inclusion (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/index.php on line 2

Now, I read that the URL file-access one could be fixed by editing a line in the php.ini file, but I won't have access to that on their server, so I'm kind of stuck on what to do about these errors.Any suggestions?

[boen_robot]

You could simply force them to have this enabled. Doing that is really going to limit your reach though.Besides, you do realize tha if you include a file with HTTP, you're including the output of the PHP file, not the PHP file itself, right?The way you should do any remote business is with web services. Whether its with a SOAP, XML-RPC or REST web services. What a web service really means is a remote URL that you call with some input, and which gives you some output. The different mentioned web service kinds differ only in the way they let your users give input, and consume output.

[justsomeguy]

I want the actual databases and code to remain on my host's server, but I want web developers to still be able to use their domain name. thus, my plan was to create copies of each page that just included the version from my server.

For what it's worth, a service like that has limited appeal. Most businesses would never trust any third party to supply code in real time to run on their own server. If a company doesn't have control over the code that runs on their server, they probably aren't going to want to run it. It would be extremely easy to compromise your entire customer base if your command server got hacked, it's a risk not a lot of people would be willing to take. That's why hosts disable including files over HTTP.

[shadowayex]

Ah, well then. I was hoping to be able to make some money off of this product, but I'm paranoid of selling it to one person and them finding some kind of loophole to steal it and call it their own =/Ah well, I can go back to the method where you can drag and drop the folder into your web directory and import the database file to set up the required tables and the like for the system.About the include thing, I figured as much but I was hoping if I included it in a manner where the include looked something like "showtopic.php?topicid=4" or something, and the showtopic on my end would generate the output, and their showtopic would display the results, thus it'd work just like they had everything on their end, but it would protect my code. Ah well.Thanks for the information guys.

[justsomeguy]

If you really want to protect your code then you need to encrypt it, which is going to require software installed on the server to decrypt it. Hosting the code on your server doesn't offer any protection, anyone can download the code and just save it locally, and change the source to include the local files instead of the remote files. The only thing you're keeping is the database.The Zend and Ioncube programs are probably the two most popular encryption programs, you can have your code encrypted with each and have a page which detects which encryption module is installed on the server and loads the correct file. The CubeCart shopping cart does something similar to that, you can download that and try to go through the code (if you dare!)