LIGHTENING YOUR WORKLOAD WITH INCLUDES Having said that, you can convert a site-root-relative path to an absolute one by concatenating the superglobal variable $_SERVER['DOCUMENT_ROOT'] to the beginning of the path like this: include($_SERVER['DOCUMENT_ROOT'] . '/includes/'); Most servers support $_SERVER['DOCUMENT_ROOT'], but you should check the PHP Variables section at the bottom of the configuration details displayed by phpinfo() to make sure. Now, this is the point that tends to confuse many people. Although you can t use a site-root-relative link to include a file, the links inside the include file should normally be relative to the site root. This is because an. | LIGHTENING YOUR WORKLOAD WITH INCLUDES Having said that you can convert a site-root-relative path to an absolute one by concatenating the superglobal variable _SERVER DOCUMENT_ROOT to the beginning of the path like this include _SERVER DOCUMENT_ROOT . includes Most servers support _SERVER DOCUMENT_ROOT but you should check the PHP Variables section at the bottom of the configuration details displayed by phpinfo to make sure. Now this is the point that tends to confuse many people. Although you can t use a site-root-relative link to include a file the links inside the include file should normally be relative to the site root. This is because an include file can be included at any level of the site hierarchy so document-relative links break when a file is included at a different level. You might have noticed a contradiction between the previous paragraph and the document-relative links in . They have been deliberately left like that because unless you have created a virtual host the site root is localhost not phpsols. This is a disadvantage of testing a site in a subfolder of the web server s document root. The Japan Journey site used throughout this book has only one level so the document-relative links work. When developing a site that uses multiple levels of folders use site-root-relative links inside your include files and consider setting up a virtual host for testing see Chapter 2 for details . Security considerations with includes Include files are a very powerful feature of PHP. With that power come some serious security risks. As long as the external file is accessible PHP includes it and incorporates any code into the main script. But as mentioned in the previous section include files can be located anywhere. Technically speaking they can even be on a different server. However this was considered such a security risk a new configuration directive allow_url_include was introduced in PHP . The default setting is Off so it s now .