including php file from another server with php

file include php

I have two PHP files located on different servers, one at http://www.mysite.com/main.php, the other at http://www.sample.com/includeThis.php.

I want to include the second file from the first one.

The content of the second file looks like this:

<?php
$foo = "this is data from file one";

And the first file:

<?php
include "http://www.sample.com/includeThis.php";
echo $foo;

Is there any way I can do this?


Nope, this setting is disabled/not allowed by default in most web servers (php.ini) so you can not use the include to include the files from a remote addresss for security reasons.

If you still want to allow inclusion of remote files, the directive allow_url_include must be set to On in php.ini

But again it is a bad practice, in a security-oriented point of view ; and, so, it is generally disabled (I've never seen it enabled, actually)

If you want to read the contents of a remote file though, you can use the file_get_contents function instead BUT this will be returned as pure HTML markup code, there won't be any server-side code.


After reading your comments - in which you state that you want to do this as a means of copy protection - my answer is an emphatical, forget it. This is not how copy protection works.

The only thing you can do using include() is fetch source code from elsewhere to be interpreted on the local interpreter. This is childishly easy to crack: A malicious customer would to just have to echo() the fetched code.

Executing the remote script remotely (on your server) won't help you, because the state of that script (variables, functions...) won't be present in the script you call it from.

The options you have are:

  • Compiling / encoding / obfuscating the script, possibly requiring a specific PHP module to execute it (lots of questions about this on SO)

  • Creating a real web service (e.g. using SOAP) that runs on your server, and performs the requested operations

For what it's worth, though, I personally do not purchase, nor recommend to clients to purchase, encoded scripts and scripts that need to "phone home" in order to work. I believe in protecting your products through a stringent license agreement (that will scare business customers into buying your product, because the risks of getting caught stealing are too expensive.)

Related

setTimeout() is not waiting [duplicate]
Is Delphi "with" keyword a bad practice?
WITH statement in Java
Lost my keystore for uploaded app on android market [duplicate]
Type of 'this' pointer
Permission Denial: this requires android.permission.INTERACT_ACROSS_USERS_FULL
Is right shift undefined behavior if the count is larger than the width of the type?
How can I execute a function on pressing the enter key in an <input> field?
C#: Passing null to overloaded method - which method is called?
How to replace last occurrence of characters in a string using javascript
Word wrap a string in multiple lines
Capture keys typed on android virtual keyboard using javascript