1

I'm having an issue with PHP require (I think) and crontab. I'm using AWS.

The error looks like this:

PHP Fatal error:  require(): Failed opening required '/inc/classes/core/inc.php' (include_path='.:/usr/share/pear:/usr/share/php') in /var/www/html/inc/files/core/config.php on line 16

My PHP require looks like this:

    require($_SERVER['DOCUMENT_ROOT'].'/inc/files/core/config.php');

There are similar issues here about the same thing and I looked at them, but their solutions didn't seem to work for me. One of the things I tried from Stackoverflow was this:

    $_SERVER['DOCUMENT_ROOT'] = realpath(dirname(__FILE__).'/../../../../');
    require($_SERVER['DOCUMENT_ROOT'].'/inc/files/core/config.php');

Another was adding this to my php ini file (also a suggestion from another thread):

include_path = ".:/usr/share/php:/var/www/<directory>/"

I also tried being direct with the path (i.e., /var/www/public/inc/etc) which didn't work.

My file dictionary is like:

  • public
  • -- inc
  • ---- files
  • ------ site
  • -------- cron
  • -- etc
  • -- etc

I should note that the requires are the same on every page and they work, except in the cron job. I read that this could be because of the $_SERVER['DOCUMENT_ROOT'] var being set by the user as they browse and can't be set by the crontab, but I can't figure out the fix.

The crontab looks like this, but it seems to send an email every 5 minutes like it's supposed to so I don't think there's any issue here.

*/5 * * * * /usr/bin/php /var/www/html/inc/files/site/cron/shop.php

I'm hoping someone has some insight on this because I'm stumped! I didn't set up any of the crontab work but the person who did left, and I'm not familiar with it.

I put in all the information here I could think of, but I'm happy to answer any additional questions.

Improve this question
2
  • If you echo/var_dump $_SERVER['DOCUMENT_ROOT'].'/inc/files/core/config.php', do you get the expected output? Commented Aug 3, 2018 at 20:18
  • I get the full expected output from both realpath(dirname(FILE).'/../../../../') and $_SERVER['DOCUMENT_ROOT'] , yes! :( Commented Aug 3, 2018 at 20:28

1 Answer 1

Reset to default
2

There is no $_SERVER when running php-cli. It will return empty or null value.

$_SERVER is an array containing information such as headers, paths, and script locations. The entries in this array are created by the web server.

https://secure.php.net/manual/en/reserved.variables.server.php

Replace with a path to the file you want, assuming the path of the script you are running. This may work, but maybe you need to add or remove some of the ../

require(__DIR__ . '/../../../files/core/config.php');

The error you get points to config.php file. You probably have another $_SERVER there, that you need to replace and/or find a way to identify whether is a HTTP request or php-cli.

Something like

if($_SERVER['DOCUMENT_ROOT']) {
    require($_SERVER['DOCUMENT_ROOT'] . ...);
} else {
    require(__DIR__. ...);
}

You may want to add a global constant that points to the root of you project.

if($_SERVER['DOCUMENT_ROOT']) {
    const BASEDIR = $_SERVER['DOCUMENT_ROOT'];
} else {
    const BASEDIR = __DIR__. ...;
}

Then use BASEDIR for the entire application.

EDIT: as suggested by @YvesLeBorg, you can create a different file, that call your entry point with curl or wget.

*/5 * * * * /usr/bin/php /path/to/my_script.sh

Then in my_script.sh you can write

wget http://my_web_page/shop.php

Then you will have a $_SERVER and there is no need to refactor. Be aware of security, as anyone can call you page and run your proccess. You may want to use a token and validate IP Address to be sure that only you can call this shop.php page.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

i scoot around that by using a wget in my crontab instead of php-cli. Rely on the SAPI.
That will reduce the code refactor, but need to be aware of security.
Thanks for the advice! I think (I use this word hesitantly) using DIR./../../etc worked, though I'm running into a different issue now that I'm sure I can solve. I was trying to fix this on just one page rather than refactoring the code because the website is very large, about 15K files, and I'd rather have it working in one place before changing everything.
@FelippeDuarte correct about sec : dedicated vhost on a phi with dedicated secure net IP addys, with custom iptable rules that only accept connections from the app layer instances. Bad guy would have to travers a lot of security artefacts to enter one of the app layer instances to exploit this.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.