How to include file outside document root?
You can not accomplish this if
open_basedir is in effect, which prevents PHP from traversing out of the home directory.
What you can do is make sure that docroot1 and docroot2 are owned by users in the same group, set group permissions accordingly and use a symbolic link from docroot2 to docroot1 to read the other web root.
Or, re-build PHP and let it just follow typical *nix permissions like every other process :)
You can include files from anywhere you want, unless your PHP script's permissions, or the safe mode prevent it. Your first approach is perfectly fine. What errors do you get?
Re the comments, that seem to confirm that there is no access from within PHP to a file that definitely exists. As to what it could be, Suhosin having been ruled out, the only thing I can think of is PHP or Apache being some kind of a a chroot Jail:
The main benefit of a chroot jail is that the jail will limit the portion of the file system the daemon can see to the root directory of the jail. Additionally, since the jail only needs to support Apache, the programs available in the jail can be extremely limited. Most importantly, there is no need for setuid-root programs, which can be used to gain root access and break out of the jail.
I have never worked with anything like this so I can't tell you how to spot it (apart from doing a
/var/www/vhosts and see what comes up. But I think this would have to have been set up by an administrator. Who runs your machine?
This works on a couple of machines i manage
ini_set("include_path",".:/hsphere/local/home/user_name/other_domain.com"); require "filename.php";
I sit here wondering why You didn't jus do a symlink. Or did I mis something? You could symlink a folder with needed includes to the path You have access to.
Just your average web developer lad from Romania.Updated on August 16, 2020
Brayn over 2 years
What I want do to is to include 'file1.php' from 'domain1' into 'file2.php' on 'domain2'. So what I figured I should do is something like this:
file2.php require_once '/var/www/vhosts/domain1/httpdocs/file1.php';
But this won't work for reasons I can't truly grasp. So what I did was to add my path to the include path. Something like:
file2.php set_include_path(get_include_path() . PATH_SEPARATOR . "/var/www/vhosts/domain1/httpdocs"); require_once 'file1.php';
So can you please give me some hints as of where I'm doing wrong ?
UPDATE - Either way I get the following error message:
Fatal error: require() [function.require]: Failed opening required '/var/www/vhosts/domain1/httpdocs/file1.php' (include_path='.:/php/includes:/usr/share/pear/') in /var/www/vhosts/domain2/httpdocs/file2.php on line 4
Also I have tried this both with safe_mode On and Off.
UPDATE2: Also I've changed the permissions to 777 on my test file and I've double-checked the paths to the include file in bash.
SOLUTION: I've managed to solve the mystery! My hosting company uses Plesk to manage domains and such. Also the error reporting level in php.ini was not E_ALL. When I set error reporting to E_ALL I got a warning saying:
Warning: require() [function.require]: open_basedir restriction in effect.
So I went in /var/www/vhosts/domain2/conf/httpd.include and edited the open_basedir path. Note that this is not a durable solution since this config file is rewritten by plesk each time the domain config is changed. What you should do is edit (or create) the 'vhost.conf' file in the same directory and then run:
/usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=DOMAIN.TLD
This should reconfigure the settings for your domain but for some strange reason it won't work with open_basedir. I can modify other things like document_root but it won't change open_basedir, but that's another problem :D
SOLUTION FINAL: For those with the same problem here is the final code that worked. I just added this in /var/www/vhosts/domain2/conf/vhost.conf (you can change '/var/www/vhosts' to '/' or anything you like):
<Directory /var/www/vhosts/DOMAIN.TLD/httpdocs> <IfModule mod_php5.c> php_admin_flag engine on php_admin_flag safe_mode off php_admin_value open_basedir "/var/www/vhosts" </IfModule> Options -Includes -ExecCGI </Directory>
Thank you all guys!