PHP Includes: URL File-Access is Disabled in the Server Configuration

I recently updated the PHP version I am using on all of the websites for one of my clients only to discover in horror that the php include tag to display external content gave an error message:

Warning: include() [function.include]: URL file-access is disabled in the server configuration

and none of the external content would be displayed, so I did a quick search and found a fast turnaround for my problem.

You see, I had used the following syntax to display the content of my  client’s blog hosted on a separate domain within my client’s home page:

<?php include ("http://domain2.com/wordpress/index.php"); ?>

I found out that for security reasons when upgrading to the latest version of PHP available with our provider, by default the server is configured to disallow absolute paths for include files. A minor inconvenience for us, but it closed the loop on the possibility of server hijacking by email spammers without the administrator noticing! I am glas none of my sites were ever a victim, and I am glad that our provider is proactive regarding security threats.

So there are two possible solutions to this quandary. The first one is to use relative paths. If the content is within the root hosting directory, the standard syntax can be used to modify this include:

<?php include ("/wordpress/index.php"); ?>

The next best solution is to use a couple of functions,  the file_get_contents function and the echo function. The first function will read the file and convert it into a string. The second function will print the string onto the screen. So the PHP code will look like this:

<?php

$includeFile = file_get_contents("http://domain2.com/wordpress/index.php");

echo $includeFile;

?>

This worked like a charm. However, from what I understand, the best solution would be to use server variables. This way there is no need to rearrange code at all, ever! The server variable to use would be the $_SERVER[‘DOCUMENT_ROOT’] and the complete code would be like this:

<?php 

include $_SERVER['DOCUMENT_ROOT'] . 'domain2/wordpress/index.php'; 

?>

So, there you have it. I was very glad I did not have to reinvent the wheel and spend hours and hours of reviewing the latest manual for PHP 5.2 to figure out a workaround. I hope that if you landed on this page, you will find this information very useful.

 

About computerdoctora

Sylvia started designing websites in 1996 when ICQ was all the rage. Architecture and Planning took center stage while she honed her project management skills on large urban development projects. She translated her project management skills to the entertainment industry for a season through Act One, Hollywood Above the Line. She is now focused on her consulting work as an Architect and an Urban Planner.
This entry was posted in Web Design and tagged , , , , . Bookmark the permalink.

2 Responses to PHP Includes: URL File-Access is Disabled in the Server Configuration

  1. Kaylynn says:

    Unbelievable, how well-written and informative this was.

  2. Linda U says:

    I suggest adding a facebook like button for the blog!

Comments are closed.