php.ini include_path和ssi
[英]Php.ini include_path and ssi
问题描述
I have an ssi directory outside of my website webroot (var/www/shared/ssi) 
我在网站根目录(var / www / shared / ssi)之外有一个ssi目录
I would like all differnet virtual hosts on the server to be able to access files in this directory so I added the path to include_path in php.ini 我希望服务器上的所有differnet虚拟主机都能够访问此目录中的文件,因此我在php.ini中将路径添加到include_path
Now I can simply do the following to load ssi files in this directory. 现在,我可以简单地执行以下操作以将ssi文件加载到此目录中。
<?php include 'header.htm'; ?>
My question is - is this good practice? 我的问题是-这是好习惯吗? And should I be aware of any security implications of doing this? 我应该知道这样做的任何安全隐患吗?
Thanks 谢谢
1 个解决方案
解决方案1
3 已采纳 2011-12-01 16:41:54
The command 命令
<?php include 'header.htm'; ?>
will execute any PHP code inside header.htm . 将执行header.htm内的任何PHP代码。 If you can't fully trust its contents, it's not a good idea. 如果您不能完全信任它的内容,那不是一个好主意。 In that case, do 在这种情况下,
<?php readfile("header.htm"); ?>
this will read the file, not execute any PHP code in it, and output it. 这将读取文件, 而不执行其中的任何PHP代码,并将其输出。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.