PHP - include using $_SERVER['DOCUMENT_ROOT'] gives permission denied although its 777?

0
votes

I'm trying to get the root of my app in order to include files starting from it.. I use this

include_once $_SERVER['DOCUMENT_ROOT'].'/includes/myfile.php'

It show this error:

Warning: include_once(/usr/local/apache/htdocs/includes/db.php) [function.include-once]: failed to open stream: Permission denied .....etc

Warning: include_once() [function.include]: Failed opening '/usr/local/apache/htdocs/includes/myfile.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/usernamehere/public_html/includes/parentfile.php on line 14

but when use part of $_SERVER['SCRIPT_FILENAME'] (which equals '/home/username/public_html/parentfile.php') like this:

include_once '/home/username/public_html/includes/myfile.php';

It works correctly with no errors.

Is it a permission issue from server administrator side? Or I can solve it from mine?

2
phpinclude
Have you walked the directory path?Ed Heal
Didn't get it, what do you mean by "walked" ?Dabbas
I.e. checked the permissions/ownership/grouup for /usr/, /usr/local/ ...Ed Heal
Yes I did, the folder 'includes' has 777 permission.Dabbas
@Dabbas Just posted an answer. The details are clear in the error messages you see. $_SERVER['DOCUMENT_ROOT'] is for the whole web server, but not per-user public_html directories.Giacomo1968

2 Answers

2
votes

This does not work because it this:

include_once $_SERVER['DOCUMENT_ROOT']  . '/includes/myfile.php';

That $_SERVER['DOCUMENT_ROOT'] refers to the absolute web server main document root for the web server itself. Not per-user public_html web directories. Which is why this works:

include_once '/home/username/public_html/includes/myfile.php';

Is it a permission issue from server administrator side? Or I can solve it from mine?

1,000,000% no. This is simply an understanding of what path is what & why on a server.

Also, 777 permissions are horrible & a security risk. If the first think you believe needs to be done to solve an issue like this is to just go chmod 777 you are not solving the problem & creating a security risk.

777 means that 100% of anyone can read, write or execute that file. And that is just not needed for PHP running under Apache.

For a PHP file it can jet be 664 or 644 because PHP files do not need to be executed. They just need to be read by the file system & then parsed by the Apache PHP module.

That said, if you are trying to simplify the way that files are loaded, you should explicitly set a $BASE_PATH like this:

$BASE_PATH = '/home/username/public_html/';

And then set your include_once like this:

include_once $BASE_PATH  . 'includes/myfile.php';

Automatting the way file paths are set for installs just never works well. Best just to manually set a $BASE_PATH in a config file when you move code than deal with the headaches caused by PHP constants like $_SERVER not being consistent between installs, setups & configurations.

-1
votes

The document root is set in apache. If not configured right your doc root could be somewhere else.

That being said, you should look at map ownership. Apache runs under a set user. If your user does not have rights to the specific folder (ie user root, which is probably not your apache user) you won't have access.

The 777 isn't necessary for includes and is even not recommended for a folder which apache has access to. 776 should be the absolute maximum for rights.