I wonder if the OP ever found a solution for himself. As far as I know, the only way to work this would be to have all your client accounts on the same server as the scripts you want to include - I've done something similar:

/path_to_myserver_root/httpdocs/clients/client01/wwwroot/scriptA.php /path_to_myserver_root/httpdocs/clients/client02/wwwroot/scriptA.php ETC....

THEN: /path_to_myserver_root/privatefiles/myapp/scriptB.php

wwwroot is where each client domain points.

scriptA.php has some business logic then includes scriptB.php for it's functions with the full path above:

require('/path_to_myserver_root/privatefiles/myapp/scriptB.php')

scriptB.php resides in a private protected dir on the server, inaccessible by http, and not traversable by the clients.

Now mind you, my reasons for doing this is to maintain version consistency across multiple accounts, not to withhold some proprietary magical php code from my clientele - But I suppose it could be implemented for that purpose.

Meh, YMMV.

When you're trying to go across domains as you have suggested, you're not actually including a file that's sat there ready to do - the process is different. The machine needs to bring back the file over http which isn't what the include statement is all about.

Also, if you're on shared hosting, PHP is often configured to prevent you from going outside of your own domain.

If you aren't under this restriction, one solution might be to use PHP to copy back a copy of the file from the other server, and then include it once it's sat in your domain. Another apporach might be to write a little "deployment" script that copies it everywhere it needs to be whenever you make changes...

Hope this helps...

Martin

After reading your comments - in which you state that you want to do this as a means of copy protection - my answer is an emphatical, forget it. This is not how copy protection works.

The only thing you can do using include() is fetch source code from elsewhere to be interpreted on the local interpreter. This is childishly easy to crack: A malicious customer would to just have to echo() the fetched code.

Executing the remote script remotely (on your server) won't help you, because the state of that script (variables, functions...) won't be present in the script you call it from.

The options you have are:

• Compiling / encoding / obfuscating the script, possibly requiring a specific PHP module to execute it (lots of questions about this on SO)

• Creating a real web service (e.g. using SOAP) that runs on your server, and performs the requested operations

For what it's worth, though, I personally do not purchase, nor recommend to clients to purchase, encoded scripts and scripts that need to "phone home" in order to work. I believe in protecting your products through a stringent license agreement (that will scare business customers into buying your product, because the risks of getting caught stealing are too expensive.)

Use file_get_contents, to open up the file, append it to the second file like so:

$secondFile = file_get_contents('http://www.sample.com/includeThis.php');
file_put_contents('your_file', $secondFile, FILE_APPEND);

This will work if you want to put it at the end of your file. Than just do an include on your file.

Anyways, like I said, this is risky and dangerous IMO, especially if you aren't sure about the content it has inside of it.

Also, your_file will need to be an actual server path, not a URL.

Nope, this setting is disabled/not allowed by default in most web servers (php.ini) so you can not use the include to include the files from a remote addresss for security reasons.

If you still want to allow inclusion of remote files, the directive allow_url_include must be set to On in php.ini

But again it is a bad practice, in a security-oriented point of view ; and, so, it is generally disabled (I've never seen it enabled, actually)

If you want to read the contents of a remote file though, you can use the file_get_contents function instead BUT this will be returned as pure HTML markup code, there won't be any server-side code.

rename the first one to .txt
then think twice, are you sure you need cross-domain include