I do not exactly know for sure right now. However, as long as we can "echo" the whole "php code (not the value, but the php code as a string" to the root-me server, the exploit will work.

The main point is, the content of the "included file" must be a malicious PHP code. You can simply try to create a simple php file as your exploit and echo 'echo "hello";' for example. Put your exploit URL to the root-me challenge and if the site "echoing" 'hello' than it works..