Question posted in 
What I want do to is to include ‘file1.php’ from ‘domain1’ into ‘file2.php’ on ‘domain2’. So what I figured I should do is something like this:
file2.php
require_once '/var/www/vhosts/domain1/httpdocs/file1.php';
But this won’t work for reasons I can’t truly grasp. So what I did was to add my path to the include path. Something like:
file2.php
set_include_path(get_include_path() . PATH_SEPARATOR . "/var/www/vhosts/domain1/httpdocs");
require_once 'file1.php';
So can you please give me some hints as of where I’m doing wrong ?
Thanks
UPDATE – Either way I get the following error message:
Fatal error: require() [function.require]: Failed opening required '/var/www/vhosts/domain1/httpdocs/file1.php' (include_path='.:/php/includes:/usr/share/pear/') in /var/www/vhosts/domain2/httpdocs/file2.php on line 4
Also I have tried this both with safe_mode On and Off.
UPDATE2: Also I’ve changed the permissions to 777 on my test file and I’ve double-checked the paths to the include file in bash.
SOLUTION: I’ve managed to solve the mystery! My hosting company uses Plesk to manage domains and such. Also the error reporting level in php.ini was not E_ALL. When I set error reporting to E_ALL I got a warning saying:
Warning: require() [function.require]: open_basedir restriction in effect.
So I went in /var/www/vhosts/domain2/conf/httpd.include and edited the open_basedir path. Note that this is not a durable solution since this config file is rewritten by plesk each time the domain config is changed. What you should do is edit (or create) the ‘vhost.conf’ file in the same directory and then run:
/usr/local/psa/admin/sbin/websrvmng --reconfigure-vhost --vhost-name=DOMAIN.TLD
This should reconfigure the settings for your domain but for some strange reason it won’t work with open_basedir. I can modify other things like document_root but it won’t change open_basedir, but that’s another problem 😀
SOLUTION FINAL: For those with the same problem here is the final code that worked. I just added this in /var/www/vhosts/domain2/conf/vhost.conf (you can change ‘/var/www/vhosts’ to ‘/’ or anything you like):
<Directory /var/www/vhosts/DOMAIN.TLD/httpdocs>
<IfModule mod_php5.c>
php_admin_flag engine on
php_admin_flag safe_mode off
php_admin_value open_basedir "/var/www/vhosts"
</IfModule>
Options -Includes -ExecCGI
</Directory>
Thank you all guys!
8
Answers
You can include files from anywhere you want, unless your PHP script’s permissions, or the safe mode prevent it. Your first approach is perfectly fine. What errors do you get?
Re the comments, that seem to confirm that there is no access from within PHP to a file that definitely exists. As to what it could be, Suhosin having been ruled out, the only thing I can think of is PHP or Apache being some kind of a a chroot Jail:
I have never worked with anything like this so I can’t tell you how to spot it (apart from doing a
glob()on/var/www/vhostsand see what comes up. But I think this would have to have been set up by an administrator. Who runs your machine?what you are using is bad practice. put the dependent code into domain specific. Duplicating the same code is the right approach as it does not affect the operation of both sites.Try creating the symlink of file1.php and included that as if it is from the local directory.also make sure that .htaccess has the followsymlink option set to true
how about trying this in your file2.php in domain2?
require_once ‘../../../domain1/httpdocs/file1.php’;
Try chmod 777 on a test php file to see if that works, if it does you have permission issues.
Also do a simple phpinfo() and see if save mode is on.
What happens if you try to require a different file:
Does that work? If so, put test.php in the other location and try it again. Does it still work?
You can not accomplish this if
open_basediris in effect, which prevents PHP from traversing out of the home directory.What you can do is make sure that docroot1 and docroot2 are owned by users in the same group, set group permissions accordingly and use a symbolic link from docroot2 to docroot1 to read the other web root.
Or, re-build PHP and let it just follow typical *nix permissions like every other process 🙂
I sit here wondering why You didn’t jus do a symlink. Or did I mis something?
You could symlink a folder with needed includes to the path You have access to.
This works on a couple of machines i manage
If the error relates to permission (and not file_not_found), whether the location is within documentRoot or Outside it, then the issue is usually selinux. Do not chmod 777 as it is risky without any real benefit; but instead just tell selinux that you are aware of this access by issuing this:
Or let Apache own this as well by issuing the two:
Also, symbolic links as advised by others, here and other related answers elsewhere, is only necessary if you want to access the file as client. For internal code access, the links are not necessary security-wise.