Jump to content

Getting the relative path to the document root


gsingh2011
 Share

Recommended Posts

I have a CSS file that all of my HTML files include. I don't like the idea of having the absolute document root path displayed in the HTML code when the file is included, so I don't want to use $_SERVER['DOCUMENT_ROOT'] as the basepath to the file. Is there a way for me to get the relative path to the document root?

Edited by gsingh2011
  • Like 1
Link to comment
Share on other sites

Guest So Called

Could you be a little more clear in your question? If it's an external CSS file then just put it in the same directory as your index.php, and refer to it in your <HEAD> section. If you're generating HTML with a PHP script then put the CSS file in the same directory as your index.php and and don't add any path information. But site visitors shouldn't see the include statement anyway. I don't see any reason site visitors should see your base path information except when errors occur, but that's a whole 'nother thing, and you can prevent that too. It seems likely I misunderstand your question. By the way, I don't like site visitors seeing my base path information either. Honest site visitors have no use for the information and probably don't understand it, while hackers might find some way to misuse the information and my policy is never give hackers anything. I've even removed PHP's X-Powered-By header, and my site doesn't use .PHP URL names. Maybe I'm running PHP, maybe it's just really clever HTML. ;)

Edited by So Called
Link to comment
Share on other sites

Could you be a little more clear in your question? If it's an external CSS file then just put it in the same directory as your index.php, and refer to it in your <HEAD> section. If you're generating HTML with a PHP script then put the CSS file in the same directory as your index.php and and don't add any path information. But site visitors shouldn't see the include statement anyway. I don't see any reason site visitors should see your base path information except when errors occur, but that's a whole 'nother thing, and you can prevent that too. It seems likely I misunderstand your question. By the way, I don't like site visitors seeing my base path information either. Honest site visitors have no use for the information and probably don't understand it, while hackers might find some way to misuse the information and my policy is never give hackers anything. I've even removed PHP's X-Powered-By header, and my site doesn't use .PHP URL names. Maybe I'm running PHP, maybe it's just really clever HTML. ;)
Let me clarify the issue. My document root is something like /var/www/. I have the following two files, /var/www/index.php and /var/www/foo/index.php. I have a CSS file /var/www/css/styles.css. In both index.php files, I want to include the CSS file. In the link tag, I can set href to
href="<?= $_SERVER['DOCUMENT_ROOT'] ?>css/styles.css"

for both files. The only issue is now if someone views the source, they see /var/www/css/styles.css. I'd prefer that in the first index.php they would see css/styles.css and in the foo/index.php they would see ../css/styles.css.

Edited by gsingh2011
Link to comment
Share on other sites

Guest So Called

@ Don: No, much easier than that.

	header('X-Powered-By:');

Put that in your script before you have echoed any HTML output. You will get an error message otherwise, and the error might even include your base path information.

Edited by So Called
Link to comment
Share on other sites

Guest So Called

@ gsingh: Still not clear. Are both /index.php and /foo/index.php part of the same website, say perhaps example.com and example.com/foo? If so,

href="/css/styles.css"

What I mean to say is there is no need to use the $_SERVER variable. Or if you do, use $_SERVER['HTTP_HOST'].

Edited by So Called
Link to comment
Share on other sites

Guest So Called

Additional tip on not leaking out your absolute document root path: Whenever including a file, test for whether the file exists before you include it. If it exists then include it. If not, display your own error message. Otherwise a failed include or require will emit an error message with the path information included.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...