what does INCLUDE_CHECK do in php?

Hi I am new in php and when I came across def开发者_运维技巧ine('INCLUDE_CHECK',true); I was not able to understand what it is for?

Pls. explain.

Thanks! Sagar

This is a constant that is being used by that application later. Define() is used to create these constants. Typically this is used for configuration data. To use this constant later, you simply use the string INCLUDE_CHECK in code like it were a variable without the $.

so

if(INCLUDE_CHECK)
{
// Do code that only should happen if you want it to.
}

Just an addition to DampeS8N Answer which is correct one.

I read php.net's link http://in2.php.net/manual/en/function.define.php and below example makes it clear that any value can be used inside define function for defining variable as constant and INCLUDE_CHECK was just a variable which I thought as some kind of php feature ;)

<?php
define("CONSTANT", "Hello world.");
echo CONSTANT; // outputs "Hello world."
echo Constant; // outputs "Constant" and issues a notice.

define("GREETING", "Hello you.", true);
echo GREETING; // outputs "Hello you."
echo Greeting; // outputs "Hello you."

?>

@DampeS8N pls. comment if wrong!

Thanks to all of you for your answers!

INCLUDE_CHECK is not a feature of PHP itself, only of some code that someone has written in PHP. The first hit on google shows us a configuration file that a user is attempting to protect by checking if the variable is defined.

The approach taken in the sniped I found on google is like this

• a file which can be referenced directly (e.g. http://example.com/foo.php) will define INCLUDE_CHECK and then include a file that checks INCLUDE_CHECK, e.g. config.php; because foo.php has already defined it, this will work correctly
• if a user accesses config.php directly (e.g. http://example.com/config.php) then INCLUDE_CHECK will not have been defined, so an error will occur, preventing the user from running the script.

The following examples should make this clearer

foo.php

<?php
defined('INCLUDE_CHECK', true);
require_once 'config.php';
?>

config.php

<?php
if (!defined('INCLUDE_CHECK')) { die ('invalid access'); }
echo 'Hello World!';
?>

If a user accesses config.php directly, then INCLUDE_CHECK is not defined, so the script will die with the message invalid access. If a user accesses foo.php, it will define INCLUDE_CHECK then include config.php, which will then echo Hello World.

This is a pretty crap way of protecting a configuration file, btw; see my post here for a more simple and reliable approach.