Where is the best place to store php “include files” in a directory not accessible by a web server?
I have read in PHP books that “include” files should not be kept in your web space for security reasons. But where else can you put them? I’m using a shared server to host my future site. Do I put them on my own machine? Will this work? I don’t know what “keeping includes files in a directory not accessible to the web server” means. Can someone spell it out for me in plain (non-technical) English? Thanks in advance!!
Wow! Thanks Mohamed! I think we’re getting close! OK, so I have the following folders on my server:
mydomain.com (phpfile.php in this folder)
misc (miscfile.inc is in the folder)
Now the phpfile.php has the following script: (I think “script” is what it’s called 
include(”../misc/miscfile.inc”);
And when I look at my mydomain.com through the browser, I still get the following errors:
Warning: include(../misc/miscfile.inc) [function.include]: failed to open stream: No such file or directory in /home/.server/user/mydomain.com/ phpfile.php on line 12
Warning: include() [function.include]: Failed opening ‘../misc/miscfile.inc’ for inclusion (include_path=’.:/usr/local/php5/lib/php:/usr/local/lib/php’) in /home/.server/user/mydomain.com/ phpfile.php on line 12
Warning: mysqli_connect() [function.mysqli-connect]: (HY000/2002): Can’t connect to local MySQL server through socket ‘/var/run/mysqld/mysqld.sock’ (2) in /home/.tarantella/user/account (I ran out of space) Any ideas?
Bonsai Care
