Usually the first thing you want to do here is check your error log. Most
of the time, this sort of thing will be a permissions problem, as the apache
server runs the PHP scripts as a user (ie you), that user needs to have the
ability to execute those files. If you aren't sure, make the file owner you
and give the files 777 and work backwards from there. Don't forget to check
the directory permissions as well as the file permissions. From a hosting
point of view, its different and a little more complicated if you have
multiple users on the server, if it's just you though, it makes it a little
easier. Take note of what the file permissions/ownership are befor eyou
change them (in case this isn't the problem).
Another simple things to check - make sure you're using the full path, ie,
/var/www/secure/filename.php
How are you including them? I use a
require("/pathtofile/filename.php");
Works for me assuming I have the right permissions.
Best Regards
Bob Irwin
Server Admin & Web Programmer
Planet Netcom
----- Original Message -----
From: "Andre Dubuc" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, August 22, 2002 11:19 AM
Subject: [PHP] Further Security Clarifications [was: Simple Security
Clarifcation]
> My main files are located in /var/www/html (the 'DOCUMENT_ROOT' in Apache,
> according to php.ini). All sensitive files have been moved to
> '/var/www/secure', but now I can't access them! (According to php.ini, the
> PHP core 'doc_root=none').
>
> I'm totally confused. If I understand this correctly, I want the files in
> '/var/www/secure' to be served through php scripts that reside in the
> individual files that call them up in /var/www/html. So, the problem seems
to
> be that either Apache or PHP doesn't know/can't access them. So, what am I
> doing wrong here?
>
> I've also added a <FILes ~"\.sht$"> directive to refuse all .sht files
> (they're .inc's). How do get access for php to the secure file directory,
and
> exclude the hackers?
>
> At this point, I'm about as confused as I've ever been since beginning
PHP.
> Any clarifications that will guide back into the fold, will be greatly
> appreciated!
>
> Tia,
> Andre
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
> Scanned by PeNiCillin http://safe-t-net.pnc.com.au/
>
> Scanned by PeNiCillin http://safe-t-net.pnc.com.au/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
