skip to Main Content

What I want do to is to include ‘file1.php’ from ‘domain1’ into ‘file2.php’ on ‘domain2’. So what I figured I should do is something like this:

file2.php
require_once '/var/www/vhosts/domain1/httpdocs/file1.php';

But this won’t work for reasons I can’t truly grasp. So what I did was to add my path to the include path. Something like:

file2.php
set_include_path(get_include_path() . PATH_SEPARATOR . "/var/www/vhosts/domain1/httpdocs");
require_once 'file1.php';

So can you please give me some hints as of where I’m doing wrong ?

Thanks

UPDATE – Either way I get the following error message:

Fatal error: require() [function.require]: Failed opening required '/var/www/vhosts/domain1/httpdocs/file1.php' (include_path='.:/php/includes:/usr/share/pear/') in /var/www/vhosts/domain2/httpdocs/file2.php on line 4

Also I have tried this both with safe_mode On and Off.

UPDATE2: Also I’ve changed the permissions to 777 on my test file and I’ve double-checked the paths to the include file in bash.

SOLUTION: I’ve managed to solve the mystery! My hosting company uses Plesk to manage domains and such. Also the error reporting level in php.ini was not E_ALL. When I set error reporting to E_ALL I got a warning saying:

Warning: require() [function.require]: open_basedir restriction in effect.

So I went in /var/www/vhosts/domain2/conf/httpd.include and edited the open_basedir path. Note that this is not a durable solution since this config file is rewritten by plesk each time the domain config is changed. What you should do is edit (or create) the ‘vhost.conf’ file in the same directory and then run:

 /usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=DOMAIN.TLD

This should reconfigure the settings for your domain but for some strange reason it won’t work with open_basedir. I can modify other things like document_root but it won’t change open_basedir, but that’s another problem 😀

SOLUTION FINAL: For those with the same problem here is the final code that worked. I just added this in /var/www/vhosts/domain2/conf/vhost.conf (you can change ‘/var/www/vhosts’ to ‘/’ or anything you like):

    <Directory /var/www/vhosts/DOMAIN.TLD/httpdocs>
    <IfModule mod_php5.c>
            php_admin_flag engine on
            php_admin_flag safe_mode off
            php_admin_value open_basedir "/var/www/vhosts"
    </IfModule>
            Options -Includes -ExecCGI
    </Directory>

Thank you all guys!

8

Answers


  1. You can include files from anywhere you want, unless your PHP script’s permissions, or the safe mode prevent it. Your first approach is perfectly fine. What errors do you get?

    Re the comments, that seem to confirm that there is no access from within PHP to a file that definitely exists. As to what it could be, Suhosin having been ruled out, the only thing I can think of is PHP or Apache being some kind of a a chroot Jail:

    The main benefit of a chroot jail is that the jail will limit the portion of the file system the daemon can see to the root directory of the jail. Additionally, since the jail only needs to support Apache, the programs available in the jail can be extremely limited. Most importantly, there is no need for setuid-root programs, which can be used to gain root access and break out of the jail.

    I have never worked with anything like this so I can’t tell you how to spot it (apart from doing a glob() on /var/www/vhosts and see what comes up. But I think this would have to have been set up by an administrator. Who runs your machine?

    Login or Signup to reply.
  2. what you are using is bad practice. put the dependent code into domain specific. Duplicating the same code is the right approach as it does not affect the operation of both sites.

    Try creating the symlink of file1.php and included that as if it is from the local directory.

    also make sure that .htaccess has the followsymlink option set to true

    how about trying this in your file2.php in domain2?

    require_once ‘../../../domain1/httpdocs/file1.php’;

    Login or Signup to reply.
  3. Try chmod 777 on a test php file to see if that works, if it does you have permission issues.
    Also do a simple phpinfo() and see if save mode is on.

    Login or Signup to reply.
  4. What happens if you try to require a different file:

    // test.php
    <?php
       echo 'Hello World';
    ?>
    
    // your file
    require_once('test.php');
    

    Does that work? If so, put test.php in the other location and try it again. Does it still work?

    Login or Signup to reply.
  5. You can not accomplish this if open_basedir is in effect, which prevents PHP from traversing out of the home directory.

    What you can do is make sure that docroot1 and docroot2 are owned by users in the same group, set group permissions accordingly and use a symbolic link from docroot2 to docroot1 to read the other web root.

    Or, re-build PHP and let it just follow typical *nix permissions like every other process 🙂

    Login or Signup to reply.
  6. I sit here wondering why You didn’t jus do a symlink. Or did I mis something?
    You could symlink a folder with needed includes to the path You have access to.

    Login or Signup to reply.
  7. This works on a couple of machines i manage

    ini_set("include_path",".:/hsphere/local/home/user_name/other_domain.com");
    require "filename.php";
    
    Login or Signup to reply.
  8. If the error relates to permission (and not file_not_found), whether the location is within documentRoot or Outside it, then the issue is usually selinux. Do not chmod 777 as it is risky without any real benefit; but instead just tell selinux that you are aware of this access by issuing this:

    chcon -R -t httpd_sys_rw_content_t /full-path-to-target-folder/
    

    Or let Apache own this as well by issuing the two:

    chown -R apache /full-path-to-target-folder/
    chcon -R -t httpd_sys_rw_content_t /full-path-to-target-folder/
    

    Also, symbolic links as advised by others, here and other related answers elsewhere, is only necessary if you want to access the file as client. For internal code access, the links are not necessary security-wise.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search