Welcome to WebmasterWorld Guest from 50.19.190.144

Forum Moderators: coopster & jatar k

Message Too Old, No Replies

include('script.php?value=$value')

is this possible?

     
12:21 pm on Jul 20, 2004 (gmt 0)

New User

10+ Year Member

joined:July 20, 2004
posts:5
votes: 0


Hi.

I would like to create this PHP script

<?php
$value = 18;
include('script.php?value=$value');
?>

But I get this error message:
Warning: main(script.php?value=$value): failed to open stream: No such file or directory
Warning: main(): Failed opening 'script.php?value=$value' for inclusion (include_path='.;c:\php4\pear')

Any suggestion? Thank you very much.

2:14 pm on July 20, 2004 (gmt 0)

Moderator from CA 

WebmasterWorld Administrator httpwebwitch is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 29, 2003
posts:4059
votes: 0


try:

include("pagename.php?var=".$var);

For one thing, the single quotes don't allow internal variable substitution. Double-quotes do. But I prefer to escape from the quotes and concatenate with the "."

3:29 pm on July 20, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Sept 22, 2002
posts:1749
votes: 0


There also is no need for the query string, as all variables in the including script are automatically passed to the included script.

So if script.php contains

<?php
echo $value;
?>

, the script

<?php
$value= 18;
include('script.php');
?>

will result in this output:

18

7:30 pm on July 20, 2004 (gmt 0)

Moderator from CA 

WebmasterWorld Administrator httpwebwitch is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 29, 2003
posts:4059
votes: 0


oh, of course. that's true. include() brings in code from elsewhere and executes it in the current scope. so if you define $value=1, then include another file, it's not like the other file has a "mind of its own" where $value can be anything other than 1.

The inlcuded file also doesn't have its own $_GET collection so what's the point of passing it a querystring?

if it were so, then include() could be used for recursive including, which it's not intended to do.

And here I was thinking I had offered good advice by fixing someone's syntax. (blush)
sorry!

8:31 pm on July 20, 2004 (gmt 0)

New User

10+ Year Member

joined:July 20, 2004
posts:5
votes: 0


Thank you very much.

I tested it some months ago, and I didn't remember it! :(

10:08 pm on July 20, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Apr 20, 2004
posts:1475
votes: 0


Just a quickie:

You may also build the reference before invoking it, i.e.

$include_page="script.php?value=$value";
include($include_page);

It looks like your problem is solved, but the above may still be useful at some point.

:)

1:18 am on July 22, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:Oct 26, 2002
posts:173
votes: 0


Re: include
Have a look at the documentation: [de.php.net...] It is explained there. If you use include and pass an URI than the parameter will be interpreted, however what you are including will be the parsed output from the script. Except in some very special cases that will have a completely different effect, than including the Raw php which will be parsed together with the code from the PAge doing the including.


<?php
echo $value;
?>

, the script

<?php
$value= 18;
include('script.php');
?>

I guess this comes closest to what the original question was asking for. However using Variables in the global context is bad idea, especially when you are using includes like that.
If register_globals is turned on, and the included file lies in the document root of the webserver anybody cann call the script passing it whichever value it wants. There have been loads of exploits for popular Software-Packages that resulted from this behaviour.

Possible solution: Prevent the included script from being directly called by a user. Either by moving it out of the document-root, or by denying acces to it via .htaccess, or by checking for a defined constant in the included file (which you then have to define in all the scripts that include those files - if it is undefined, die()). Which leads to the above example looking like:


<?php
if (!defined(MY_CHECK)) die();
echo $value;
?>

, the script

<?php
$value= 18;
define('MY_CHECK', true);
include('script.php');
?>