SSI includes - Apache, date formats Options

[jimlongo]

I think you might be caught up with the term .htaccess . . . for instance in my Cpanel the directives for PHP make no reference to .htaccess, they try to make it user friendly by eliminating the magic behind the curtain.

Like Christian said, the shortest route may be just to contact your provider. Tell them you want to enable php to be parsed within html documents. It's a pretty common request.

[Brian Chandler]

To be able to run php within an html document you need to add the following directive in your .htaccess file

CODE

AddType application/x-httpd-php .php .php4 .php3 .phps

The above makes the PHP engine look for PHP scripts in files ending with the specified extensions .php .php4 .php3 .phps. To make it work with .html extensions you must add that one too. You can probably delete the rest if you're not going to use them anyway, but maybe it's good to keep at least .php (like if you include a .php file in a .html file)?

No, you don't need the extensions of files that will be included. The .htaccess thing tells the server to pass http requests for these types of file through the PHP interpreter - but once the PHP interpreter is looking at a file, it looks at everything, including 'included' files of whatever type or flavour.

[Christian J]

CODE

<html>
<?php phpinfo(); ?>
</html>

As a side-note I don't think you should use those HTML tags, the phpinfo() function creates all the HTML.

[ShadowyBob]

Thanks Christian J. As another aside – does it matter if a file has the extension .htm as opposed to .html?

jimlongo, you're right, I think I'll have to short-circuit all this by using the £1 a minute phone call (but, of course, not available at weekends)!!

Brian, so are you saying all that is needed is

CODE

AddType application/x-httpd-php

?

[jimlongo]

Thanks Christian J. As another aside – does it matter if a file has the extension .htm as opposed to .html?

jimlongo, you're right, I think I'll have to short-circuit all this by using the £1 a minute phone call (but, of course, not available at weekends)!!

Brian, so are you saying all that is needed is

CODE

AddType application/x-httpd-php

?

I'm no expert, but by my reading of the Apache docs http://httpd.apache.org/docs/1.3/mod/mod_mime.html#addtype you do need to add the extensions of filetypes you want parsed for php. If you want to have php parsed inside of html documents you need to add it to the directive. If you want to use .htm as well as .html then add that

CODE

AddType application/x-httpd-php .php .html .htm  

[Christian J]

Thanks Christian J. As another aside – does it matter if a file has the extension .htm as opposed to .html?

No, not as long as .htm is specified.

Brian, so are you saying all that is needed is

CODE

AddType application/x-httpd-php

?

I think Brian meant that you don't need to specify the extensions of included files (but you must still specify the including files). So this:

CODE

AddType application/x-httpd-php .html

will switch on the PHP engine for .html files. Then if e.g. foo.html contains

CODE

<?php include('foo.txt'); ?>

foo.txt will be included, even though .txt is not specified in the AddType directive. You can even put PHP inside foo.txt:

CODE

<?php echo 'This is in foo.txt'; ?>

and it should run in foo.html.

[ShadowyBob]

Thanks jimlongo and Christian J. I'll report back after having a word with my server help desk.

[Brian Chandler]

I think Brian meant that you don't need to specify the extensions of included files (but you must still specify the including files). So this:

CODE

AddType application/x-httpd-php .html

will switch on the PHP engine for .html files. Then if e.g. foo.html contains

CODE

<?php include('foo.txt'); ?>

foo.txt will be included, even though .txt is not specified in the AddType directive. You can even put PHP inside foo.txt:

CODE

<?php echo 'This is in foo.txt'; ?>

and it should run in foo.html.

Not only "should", it will. And not only you can put '<?php' inside the included file, anyone can. So an important security notion is that you must never use "include" on anything that might have been supplied by a user.

[ShadowyBob]

Not only "should", it will. And not only you can put '<?php' inside the included file, anyone can. So an important security notion is that you must never use "include" on anything that might have been supplied by a user.

Excellent tip – thanks Brian

[ShadowyBob]

Right - after what seems an age, I'm back with some more information and would love some more help please:

1. Information from server help desk -

...your www folder is the top level your programs can run from and you may require to amend your scripting to reflect this...

2. If I create an .htaccess file on my root directory with the line

CODE

AddType application/x-httpd-php .html .htm

all the pages with

CODE

<!--#include virtual="/included/foo.htm" -->

show an error message instead of the included file.
3. If I add the line

CODE

Options + Includes

to the .htaccess file, I get the Internal Server Error message.

Any suggestions?

[Peter1968]

It's Options +Includes (no space there), and in the AddType directive, get rid of .htm and .html, put .shtml there instead and try naming your SSI-enabled files with the .shtml extension.

Failing this, google for the XBitHack method.

This post has been edited by Peter1968: Nov 6 2006, 03:49 PM

[Christian J]

2. If I create an .htaccess file on my root directory with the line

CODE

AddType application/x-httpd-php .html .htm

all the pages with

CODE

<!--#include virtual="/included/foo.htm" -->

show an error message instead of the included file.

Doesn't

CODE

AddType application/x-httpd-php .html .htm

apply to PHP exclusively? But

CODE

<!--#include virtual="/included/foo.htm" -->

is SSI, not PHP. Making both SSI and PHP work on the same page is tricky if at all possible (can't quite remember).

[Peter1968]

CODE

AddType application/x-httpd-php .html .htm

Ack, should've seen that. My bad

[ShadowyBob]

Thanks Christian J and Peter1968.

Re .htaccess, I got rid of the space between the '+' and the 'Includes' - made no difference - still the Internal Server Error. I then removed the 'AddType...' declaration and the site was again accessible. It certainly seems that the two don't go down well together!

I reckon I'm going to stick with the SSI 'includes' - at least I know it works (and it doesn't need the .htccess file)!

Do I now take it as a certain that the two can't be mixed or is there somewhere I could go to find out?

[jimlongo]

They should work together.

Since you say you can use SSI without the .htaccess why not try it with just the AddType declaration for php in the .htaccess file and see if that works. Cause the Includes line is not needed for php parsing.

[Christian J]

Do I now take it as a certain that the two can't be mixed

They might work if you use .shtml and/or .php extensions. Perhaps you can use .html for one but not the other. But I haven't been able to make both SSI and PHP work with .html extensions (yet).

[ShadowyBob]

Thanks jimlongo, but see my post above:

...
2. If I create an .htaccess file on my root directory with the line

CODE

AddType application/x-httpd-php .html .htm

all the pages with

CODE

<!--#include virtual="/included/foo.htm" -->

show an error message instead of the included file.
...

Thanks also, Christian J – if you manage it let me know! In the meantime I'll keep looking and experimenting.