I made a form process and broke the code up into different files to stay clean and organized.
Now I am setting up the form for https security.
Do all the files I pull into my page have to be called as https as well? In which case I can no longer use include(); as it no longer allows relative paths?
Is the solution to use file_get_contents();? Or does only the (master) page itself need to be called as https?
-
It sounds like you are confusing terminology. HTTPS is the protocol used to request a page from the server using SSL or TLS encryption. That is separate from how you serve the request.
In your PHP source includes are processed server-side. All of the includes will be done before PHP hands the page off to your web server to be returned over the TLS link.
file.php:
<?php include 'fileA.php'; include 'fileB.php'; ?>In the example above, the user agent (browser) never sees fileA.php or fileB.php. The page request is returned as a single document. You might request it via https://my-server.com/file.php, in which case that is all you need.
chris : thank you sir. Someone else had confused me. -
IF the files are on the same server you don't need to change anything.
include("file.php");
Will work just fine.
Also if you were to include a file from a nother https server, as long as you have the tls libraries setup properly, https isn't a problem
include("https://anotherserver.com/file.php");
would work provided the other server serves the PHP and does not execute it.
chris : I thought as of PHP5 include(); with absolute paths dont work... Is including with https an exception?Byron Whitlock : no. The path on the server is differnt than the path on the web site. so site.com/path might be /home/www/html/site.com/path. Include looks at the path of the servers filesystem.Frank Farmer : Absolute paths work with include() in PHP 5.
0 comments:
Post a Comment