View Full Version : .inc
07-12-2005, 03:23 PM
Can someone take a moment to explain to me what .inc files are all about. I know they can hold and process php language, but have no idea what their point is... despite the fact that I actually use them.
I figure I should probably know about the thing I'm using! lol
Thanks in advance! :thumbsup:
07-12-2005, 03:32 PM
As far as I know .inc is just a convenient extension for a file you want to include, you could probably name the file with any extension you want.
A lot of servers are set up to parse .inc files as php for security purposes, since you can then take measures to stop people snooping at the content of your .inc files. For me I stopped using .inc a while ago, now I just name all my include files with a .php extension, that way I can implement some security in them all without having to rely on the server parsing being set how I want.
But, to answer the question, yeah I think that's it basically, just a neat way of delimiting your include files so you can tell them apart from your script files I guess :)
07-12-2005, 03:46 PM
Yeah, just a way of showing an included file. I've very often seen and sometimes still use .inc.php on the end of my filenames, and I also use .class.php on the end of classes. Depends though, sometimes I just name the files with a standard .php extension.
Its up to you if you use naming conventions like this, but it's mainly to make your life easier :)
07-12-2005, 04:04 PM
I disagree about making it easier.
.inc files are not defaulted to be processed within apache. Because of this, if you don't specify for the file to be processed using a .htaccess file, any joe blow can type your filename into their browser and turn up the raw code. Not nessessarly bad, though I've seen all to often people using .inc as an extension for their database configuration options -> which is not cool when someone jacks in.
If you would like to remember your file is only used for inclusion, I'd recommend assigning it a .inc.php extension. Either that, or move it above your web root to stop anyone from viewing it.
07-12-2005, 04:12 PM
Thats kinda what I meant, personally I have never used a plain .inc file, only .inc.php, but setting up .inc to parsed through .htaccess isn't too difficult and if you find it easier to keep track of .inc files then it would make your life easier. Myself I will stick to .inc.php.
07-12-2005, 04:25 PM
I agree with moving the includes outside the web root, regardless of the extension you use, since even if you name the extensions .php they might have unpredictable effects if run independent of the page that is meant to call them - this can be overcome with various checks and calls of course but far easier to just prevent all access to them altogether :)
Powered by vBulletin® Version 4.2.2 Copyright © 2016 vBulletin Solutions, Inc. All rights reserved.