How to include files with HTTPS - PHP

Question

I made a form process and broke the code up into different files to stay clean and organized.

Now I am setting up the form for https security.

Do all the files I pull into my page have to be called as https as well? In which case I can no longer use include(); as it no longer allows relative paths?

Is the solution to use file_get_contents();? Or does only the (master) page itself need to be called as https?

Answer 1

It sounds like you are confusing terminology. HTTPS is the protocol used to request a page from the server using SSL or TLS encryption. That is separate from how you serve the request.

In your PHP source includes are processed server-side. All of the includes will be done before PHP hands the page off to your web server to be returned over the TLS link.

file.php:

<?php
include 'fileA.php';
include 'fileB.php';
?>

In the example above, the user agent (browser) never sees fileA.php or fileB.php. The page request is returned as a single document. You might request it via https://my-server.com/file.php, in which case that is all you need.

Answer 2

IF the files are on the same server you don't need to change anything.

include("file.php");

Will work just fine.

Also if you were to include a file from a nother https server, as long as you have the tls libraries setup properly, https isn't a problem

include("https://anotherserver.com/file.php");

would work provided the other server serves the PHP and does not execute it.