I am running Apache 1.3.27 and PHP 4.3.0 on Red Hat Linux. It appears that the include_path directive (for httpd.conf and php.ini) is behaving in a slightly unpredictable manner and I was wondering if someone could lend me a hand.

Basically, I'd like to have one include_path that is true for all my virtual hosts, so I set up php.ini to have...

include_path = ".:/home/httpd/include"

and then each virtual host to have...

php_value include_path ".:/home/httpd/web/domain_name/www/include"

What I've done is placed the file I would like to include in my global include path, /home/httpd/include. When I start my server with that path specified in php.ini but nothing in my vhost entries, the file is included just fine. When I add the domain-specific include path to httpd.conf under the virtual host and then restart the server, php can't find the file anymore (it must no longer be using the "global" include specified in php.ini and is only using the include dir specified in my vhost entry).

I'd like to avoid softlinking back to my global include dir if possible. Can someone tell me what I'm doing wrong or offer advice? Thanks.

    One more thing... I was wondering if include_path and open_basedir are mutually exclusive. For instance, can I use an include_path outside of my vhost's folder, yet still restrict the file access using open_basedir to their folder? I seemed to get errors when I tried to do this.

    Since open_basedir is very important for our security, if I have to softlink my "local" include_path to the "global" one that would be preferable.

    Thanks again for your help.

      I finally found this link at php.net (is it just me, or does "search whole site" or "search online documentation [en]" at php.net never provide any results?)

      http://php.benscom.com/manual/en/features.safe-mode.php#ini.open-basedir

      and it seems to indicate that open_basedir is fairly restrictive, ie, you can never include a file outside the open_basedir directory, even if it's symlinked or specified within the include path.

      Can someone suggest how I can accomplish the following:

      (1) Prevent a vhost from opening files outside of its vhost directory, yet
      (2) Allow it to include files from a sort of "global library" we'd like to set up. Furthermore, I'm not sure how this would affect being able to use PEAR modules that were installed with the default 4.3.0 install.

      Thanks again, everyone.

        Write a Reply...