Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Where do you put your objects?

Status
Not open for further replies.
wcamp02

wcamp02

Programmer
Joined
Mar 11, 2003
Messages
11
Location
US
I am just now writing my first PHP Object and I realized I don't know where to put it. The best I can think of is an .inc file but then it is available only if I include it. I was expecting to find an 'objects' directory but the book doesn't mention it. Thanks for your help.
 
Sort by date Sort by votes
Do you mean where do you code up the class defintion ?
if not can you explioan what you mean by an object please ?
 
Upvote 0 Downvote
I'll assume you're talking about a class definition, as an object is just an instance of a class. What you describe is exactly how it's supposed to work. You pick a directory, make sure it's in your include_path, and include() the file when you want to use the class.

Also, it's generally considered a bad idea to use the .inc suffix for files that contain PHP code. On some server configurations, the web server will not recognize .inc files as PHP code and will just send them to the browser, allowing anybody to read your code. Depending on what you have in your include files, this could be a very serious security hole.
 
Upvote 0 Downvote
You're right. I did mean class definition (I've never written an object before.)

Adding the directory to the include_path worked. Thanks.

Regarding your comment about .inc files; is there the same danger with any suffix or is it just something special about the .inc suffix?
 
Upvote 0 Downvote
If you use .inc as suffix, remember to set up apache or whatever to EXECUTE it as php! Or people can view the source!!

Then, you can do some check on the top of the .inc file..

If the executing script has .inc extension:
Do nothing
Else
Do whatever

just in case someone finds your /inc/ folder.

Olav Alexander Mjelde
Admin & Webmaster
 
Upvote 0 Downvote
The danger is putting server-side code in a file that the server might not recognize as executable. You can have the same problem using ASP or any other server-side scripting technology. If the server isn't configured to run .inc files through the server-side script interpreter, it will just perform the default action (send the file contents unmodified) if another system requests it. To fix this, you can reconfigure the server to treat .inc files as PHP code, or, since the file extension isn't really important anyway, you can just give all your files a .php extension. That way, if you later move the code to another server, you don't have to worry about it, because you know a .php extension will always work.
 
Upvote 0 Downvote
Here's my two cents...

You can name the class files what you like as long as you include them. So a name as myclasses.inc would do. However, .inc files will be parsed as a text file by your server if you don't do anything to prevent it.

So how do we do that?

Several ways to do it. To name a few:

I. .htaccess

If you're on apache, then you can put a [tt].htaccess[/tt] file in your include directory that will prevent [tt].inc[/tt] files from being sent to browsers.

The [tt].htaccess[/tt] file must have this line in it:

[tt]Options -Indexes[/tt]

This in fact means that nothing in this folder (and sub folders) will be reachable to any browsing.


II. Name convention

Simply name your includes [tt].inc.php[/tt] -now includes will be parsed through PHP -hence, no source code visible.

III. Offline folder

Place the includes in a folder that is only accessable to the server (ie. your scripts).

What would I do?

I would choose the latter (III).

Regards


Jakob
 
Upvote 0 Downvote
My practice, is to not have a different ending of the filename.

I simply have a different beginning:
_foo.php
_gui.php
_messages.php
index.php

it's easy to tell them apart! the included start with underscore (_).

You can also protect with chmod, htaccess, whatever, but I would not call it .inc without making apache run it as php, via htaccess or whatnot.

Olav Alexander Mjelde
Admin & Webmaster
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

chrisjchrisj
  • Locked
  • Question Question
Can you tell me if this file outputs a subcategory page?
Replies
3
Views
501
spamjim
spamjim
bsanderson
  • Locked
  • Question Question
How do I add a link to change sort order?
Replies
2
Views
512
bsanderson
bsanderson
NickLeins
  • Locked
  • Question Question
I don't know how to remove the headings from my own blog
Replies
1
Views
382
spamjim
spamjim
pc3957
  • Locked
  • Question Question
Any ideas how I can download a file from a web site that requires login mimicking clicks
Replies
1
Views
362
spamjim
spamjim
EdLentz
  • Locked
  • Question Question
How can I run an arp-scan and put the results in a mysql table
Replies
11
Views
770
ChrisHirst
ChrisHirst

Part and Inventory Search

Sponsor

Back
Top