If you've done any kind of extensive work with PHP in an application, I'm sure you've also worked with including files into your script. Sometimes, there can be dangers in this - especially if you're including user content. Well, here to help with this issue is this post from blog.enargi.com talking about "Safe include and error checking with PHP 5.0.X".

Implementing safe classloading. How hard can it be?
Find class file, include php file, create instance. You may don’t even need PHP5-specific features for that.
It’s all okay if included php files/classes written by you and you’re guranteed that they are error-free.

He gives six methods to help ensure that the content that you're including is safe and doesn't break things in the process:

• the use of @
• checking the file with an external interpreter (cli)
• using php_check_syntax
• setting an error handler
• using eval() (*cringe*)
• use runkit

Basically, though, he states that he hasn't found a good way to catch errors or keep things from breaking when including files in PHP 5.x.

Anyone out there have any suggestions/examples?