Book HomePHP CookbookSearch this book

8.22. Setting Environment Variables

8.22.3. Discussion

An advantage of setting variables in httpd.conf is that you can set more restrictive read permissions on it than on your PHP scripts. Since PHP files need to be readable by the web-server process, this generally allows other users on the system to view them. By storing passwords in httpd.conf, you can avoid placing a password in a publicly available file. Also, if you have multiple hostnames that map to the same document root, you can configure your scripts to behave differently based on the hostnames.

For example, you could have members.example.com and guests.example.com. The members version requires authentication and allows users additional access. The guests version provides a restricted set of options, but without authentication:

$version = $_ENV['SITE_VERSION'];

// redirect to http://guest.example.com, if user fails to sign in correctly
if ('members' == $version) {
    if (!authenticate_user($_REQUEST['username'], $_REQUEST['password'])) {
        header('Location: http://guest.example.com/');
        exit;
    }
}

include_once "${version}_header"; // load custom header

8.22.4. See Also

Recipe 8.21 on getting the values of environment variables; documentation on putenv( ) at http://www.php.net/putenv; information on setting environment variables in Apache at http://httpd.apache.org/docs/mod/mod_env.html.



Library Navigation Links

Copyright © 2003 O'Reilly & Associates. All rights reserved.