Hi
A newbie(?) question: is correct use ".inc" at final of files for php? I saw some pages and tried in my server this question.
I found it inside a thread copied bellow.
Best, Claudio
On Sat, 20 Sep 2003 06:39:22 +0000, Phester wrote:
If a file has a .inc extension, or if it has a .inc.php extension, is it treated differently by the php interpreter? Or is it just a convention?
I've been calling my included files filename.php and it doesn't seem to hurt anything. Is it wrong to do that?
..php (by default) is the normal extension for files.
..inc was (/ still is?) used normally for files being used in include() or require() calls that reside on a remote server. Including a .php file from a remote server causes problems as it's retrieved as a parsed file, so you only retrieve the HTML output, rather than the PHP code you really want. As .inc isn't normally assigned in the server configuration, this will normally return as a text/plain file, meaning that all the PHP code is available when included.
I've never needed to use .inc files personally for remote retrieval, some seemed to use it in the earlier days for files include()d regardles of them being local or remote.. personally I prefer .php wherever I can to prevent accidental viewing of code.
Regards, Ian
The basic difference is a file named xxx.php will be server-side 'executed' (i.e. interpreted) automatically when a user (or progam) does a HTTP GET of that file (e.g. they type http://myserver.com/xxx.php in the address box of their browser. A file called xxx.inc (or xxx.txt, or xxx.foo) can still be retrieved by an http get (if it's publically accessible on the web server) but it will NOT trigger an automatic server-side execution of any script inside.
So if you have ancilliary PHP code that you want to store for convenience in multiple files, but you do not want end-users to be able to trigger the execution of the those files simply by typing their name in a browser, then you are safer if you do NOT call them *.php. Your main PHP script can still include those files regardless of what they are called, and the PHP code within will then be executed *because* the files have been 'included' in a *.php file, but the files cannot be executed independently on their own.
The explanation you found in the earlier post below is consistent with what I've put above and refers to an additional issue that using *.inc allows you to 'include' a file from a *remote* web server, without having the automatic server-side execution that would happen with a *.php file get in the way.
On 2012-03-09 20:38, Claudio Filho wrote:
Hi
A newbie(?) question: is correct use ".inc" at final of files for php? I saw some pages and tried in my server this question.
I found it inside a thread copied bellow.
Best, Claudio
On Sat, 20 Sep 2003 06:39:22 +0000, Phester wrote:
If a file has a .inc extension, or if it has a .inc.php extension, is it treated differently by the php interpreter? Or is it just a convention?
I've been calling my included files filename.php and it doesn't seem to hurt anything. Is it wrong to do that?
..php (by default) is the normal extension for files.
..inc was (/ still is?) used normally for files being used in include() or require() calls that reside on a remote server. Including a .php file from a remote server causes problems as it's retrieved as a parsed file, so you only retrieve the HTML output, rather than the PHP code you really want. As .inc isn't normally assigned in the server configuration, this will normally return as a text/plain file, meaning that all the PHP code is available when included.
I've never needed to use .inc files personally for remote retrieval, some seemed to use it in the earlier days for files include()d regardles of them being local or remote.. personally I prefer .php wherever I can to prevent accidental viewing of code.
Regards, Ian _______________________________________________ Roundcube Development discussion mailing list dev@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/dev
-
Claudio Filho -
Ian Lewis