What can go wrong when including another file into your php file

By David Yin on June 14, 2009 5:23 PM | No Comments | No TrackBacks

It is very often to include another file as a part of your script.

require_once("/path"/to/file.php");


When do this kind of including, should be very careful on following parts.
1) The path to the script is wrong.

2) The path to the script is correct, but the script is in a forbidden directory.


3) The include file has a blank line or space before or after the code in the PHP script.
It is very easy to omit the space after the code.

4) The include file can be viewd by non-PHP methods.

5) You're in include overload.

6) You are using unchecked variables as include filenames.
It may make your site unsafe in some situation.


The tips of including file are learned from "Wicked Cool PHP"

Add to Technorati Favorites



StumbleUpon Toolbar

 
Subscribe in a reader

Related Articles

Categories:

Tags:

No TrackBacks

TrackBack URL: http://www.yinfor.com/mtcgi/mt-t-0916.cgi/2388

Leave a comment

Yin's Family

About this Entry

This page contains a single entry by David Yin published on June 14, 2009 5:23 PM.

Upgrade to MovableType 4.26 successfully was the previous entry in this blog.

How to upgrade phpBB 3.0.4 to phpBB3.0.5 is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Pages

Categories

Monthly Archives

Tag Cloud

OpenID accepted here Learn more about OpenID
Powered by Movable Type 4.31-en

Search

Subscribe

Online Tools

Code Convertor