|
|
|
|
Bookmark this on Delicious
Share on Facebook
 Slashdot It!
Digg  get_included_files
Returns an array with the names of included or required files
(PHP 4, PHP 5)
Example 1837. get_included_files() example<?phpThe above example will output: abc.phpCode Examples / Notes » get_included_fileswarhog
The example is simply wrong as the behaviour of this function changed. It now in fact returns some absolut filenames (like you were using realpath() on them). In the past it returned the same string that was used to include/require the file. example (file in /var/www ): require('../www/somefile.php'); would be listed as ../www/somefile.php in the past but now as /var/www/somefile.php . The problem with the prior behaviour was that when you changed the working directory and used realpath() on the filenames than you got the wrong file or FALSE. I think the behviour was changed with PHP 5.0.0 (and therefor PHP 4.3.0) but I'm not sure. It is not mentioned here in the manual unfortunately. indigohaze
Something that's not noted in the docs, if a file is included remotely and you do a get_included_files() in the include itself it will *not* return the document that included it. ie: test2.php (server 192.168.1.14): <?php include("http://192.168.1.11/test/test3.php"); ?> test3.php (server 192.168.1.11): <?php $files = get_included_files(); print_r($files); ?> returns: Array ( [0] => /var/www/localhost/htdocs/test/test3.php ) Which means you can use get_included_files() to help intercept and prevent XSS-style attacks against your code. ahmetantmen
Note that; you can't solve primary filename with get_included_files() to block directly accesses if you using a graphic file created with php or a stylesheet or a php script run under iframe and etc...
php
Just FYI, the given example will return this ONLY if executed from the filesystem root: abc.php test1.php test2.php test3.php test4.php What makes this function useful is that it actually returns the complete path of each file. Like this: /path/including/document_root/to/abc.php /path/including/document_root/to/test1.php /path/including/document_root/to/test2.php /path/including/document_root/to/test3.php /path/including/document_root/to/test4.php gamblor
In regards to __FILE__ != $_SERVER['SCRIPT_FILENAME'] to check for a file as an include: This only works if you are using PHP as an Apache module; when using PHP as a CGI binary on shared hosts, the filepaths may differ, even if they end up pointing to the exact same file. For example, __FILE__ might be /home/SERVER/USER/SITE/test.php and $_SERVER['SCRIPT_FILENAME'] might be /home/USER/SITE/test.php Because of the SERVER included in the __FILE__ path, the comparison returns true, even though the file is not being included by any other file. quis -at- maffiaworld -dot- n e t
If you wan`t to compare __FILE__ and $_SERVER['SCRIPT_NAME'] you could use realpath() it strips out symlinks and things like that realpath(__FILE__) == realpath($_SERVER['SCRIPT_NAME']) yarco dot w
If you have a MAIN php script which you don't want to be included by other scripts, you could use this function. For example: main.php: <?php function blockit() { $buf = get_included_files(); return $buf[0] != __FILE__; } blockit() and exit("You can not include a MAIN file as a part of your script."); print "OK"; ?> So other script couldn't include main.php to modify its internal global vars. keystorm :at: gmail dotcom
As of PHP5, this function seems to return an array with the first index being the script all subsequent scripts are included to. If index.php includes b.php and c.php and calls get_included_files(), the returned array looks as follows: index.php a.php b.php while in PHP<5 the array would be: a.php b.php If you want to know which is the script that is including current script you can use $_SERVER['SCRIPT_FILENAME'] or any other similar server global. If you also want to ensure current script is being included and not run independently you should evaluate following expression: __FILE__ != $_SERVER['SCRIPT_FILENAME'] If this expression returns TRUE, current script is being included or required. rpaseur
As is often the case, YMMV. I tried the __FILE__ and SCRIPT_FILENAME comparison and found this: SCRIPT_FILENAME: /var/www/cgi-bin/php441 __FILE__: /raid/home/natpresch/natpresch/RAY_included.php As an alternative: count(get_included_files()); Gives one when the script is standalone and always more than one when the script is included. 131 dot php
Actually, auto_prepend_files are listed with get_included_files ( php 5.2 )
|
Change Language
assert_options assert dl extension_loaded get_cfg_var get_current_user get_defined_constants get_extension_funcs get_include_path get_included_files get_loaded_extensions get_magic_quotes_gpc get_magic_quotes_runtime get_required_files getenv getlastmod getmygid getmyinode getmypid getmyuid getopt getrusage ini_alter ini_get_all ini_get ini_restore ini_set main memory_get_peak_usage memory_get_usage php_ini_scanned_files php_logo_guid php_sapi_name php_uname phpcredits phpinfo phpversion putenv restore_include_path set_include_path set_magic_quotes_runtime set_time_limit sys_get_temp_dir version_compare zend_logo_guid zend_thread_id zend_version |
