0

I am making a site in local.

My paths looks like this in my website : (I know they are written in a dirty way...)

in php : 

include 'C:\wamp\www\horticole/inventaire/pages-parts/listing/next-page-module.php';

in html : 

background:url(http://localhost/horticole/images/header-bg-small.jpg);

// other example : 
<img src="http://localhost/horticole/inventaire/photos/indisponible.jpg" />

So, what will be the replacement acceptables links for the php files and for the html files ? ) Per example, for an include, what do I do here : (let's say my site name is www.urmom.com

include 'www.urmom.com/inventaire/pages-parts/listing/next-page-module.php';

//or
include 'http://www.urmom.com/inventaire/pages-parts/listing/next-page-module.php';

//or
include 'public_html/inventaire/pages-parts/listing/next-page-module.php';

//or what ?

also, if I include this : 

include '(site)/pages-parts/database-settings.php';

Will it be secure ? can someone can acces to my database settings or it's okay like this ? It may look dumb, but can people include my file and use my variables ?

The only thing I secured is PDO requests. I will replace all the links at once with a ctrl+f, so I want to be sure that it will work before giving acces to anything to public. I also want that only my "includes" and "require" in scripts can acces to the files in "(site)/pages-parts" or other folders, not visitors. what would be the .htacces code to place in the .htacces file in this folder to do that ?

4

1 回答 1

0

To include a file you could use something like this:

require_once($_SERVER['DOCUMENT_ROOT'] . '/pathtofile.php');

Regarding the security of include '(site)/pages-parts/database-settings.php';

That depends on what is in that file. However, on a high level, a way to protect that file would be to move it from the document root folder

于 2012-08-13T21:31:32.593 回答