Attention!!™
Kafuka Mosts 2018
Voting is open! Get your votes in now!
Join the Kafuka Discord! (Click here)
Views: 5,802,958
Main | FAQ | IRC chat | Memberlist | Active users | Latest posts | Calendar | Stats | Ranks | Online users | Search
12-16-18 07:49 PM
Guest: Register | Login

0 users currently in msg db 'Computer Address',0xa | 1 guest

Main - msg db 'Computer Address',0xa - php struggles
Next newer thread | Next older thread


Jamie
Posted on 07-26-18 12:08 AM (rev. 2 of 07-26-18 12:09 AM by Jamie) Link | ID: 138538
Banned

outta here.
Level: 65


Posts: 1137/1457
EXP: 2263894
Next: 71734

Since: 06-03-14

Last post: 36 days
Last view: 36 days

<?php

require('lib/common.php');

if(!file_exists('config/database.php')) {
die(header("Location: install.php"));
}

$page = $_GET['page'];

if(!isset($_GET['page']))
$page = "home";
?>

<!DOCTYPE html>
<html>
<head>
<title>you make a bloody show of meh</title>
</head>
<body>
<?php echo file_get_contents("lib/top.php"); ?>
<?php file_get_contents("pages/$page.php");
echo $page_contents; ?>
<?php echo file_get_contents("lib/footer.php"); ?>
</body>
</html>


basically trying to write a script that fetches a page and then displays its contents, using the URL param "page" after "index.php" or whatever

i.e. something like ABXD's index.php

currently unfinished. it DOES seem to do its job somewhat:

having some trouble with stuff tho. I'm unable to make a 404 fallback, for a start. plus I feel this is inefficient as hell.

as a new coder, I'm probably making basic mistakes :p

also none of this was copypasted from ABXD, even though I used the same setup and variable names as it. i'm actually trying to write a small PHP blog script :P

any suggestions?

Epele
Posted on 07-26-18 12:25 AM (rev. 2 of 07-26-18 12:35 AM by Epele) Link | ID: 138539
Acmlmistrator
The Sorceress.
The new champion

Level: 211


Posts: 18619/19592
EXP: 138233368
Next: 498269

Since: 01-01-12
From: UK

Last post: 1 hour
Last view: 22 min.
Let's see..
using file_get_contents() will pull the exact contents of the file. It will not render that page as php, but print the entire source code.. Consider using Include instead and letting the page print its own output. I believe you can also use include in an if() statement for error reporting - 404s.

Personally, I've not had a need to use include statements yet. Gonna go test that theory out.

Editorial:
I've just played with it.
<?php
error_reporting(E_ERROR);
if(!isset($_GET['src'])) $src="index.php"; else $src=$_GET[,];
if((include $src) == false){
echo "Source file not found.";
}
?>

Include statements must be encapsulated in brackets inside an if() statement. In the case of this, it will include index.php which prints its own output normally, so it displays as part of the page.

file_get_contents is more useful when you are dealing with stored files, such as caches, or doing operations on a binary file.

Personally, I'm not a fan of breaking in and out of php, and prefer to do the entire operation in one go.

If I need to inject a piece of php in the middle of a print, I'd do it like:
print "Ooh, I just rolled a ".rand(1,6)." on my first die, and a ".(rand(0,5)+1)." on my second!";



<Nicolyn> Thierry doesn't sleep
<Nicolyn> she is powered solely by those little floating hearts

Moonlight Capital
Posted on 07-26-18 03:31 PM (rev. 2 of 07-26-18 04:10 PM by Moonlight Capital) Link | ID: 138621
Click here for catgirls
Level: 28


Posts: 233/241
EXP: 116168
Next: 15170

Since: 04-26-16
From: Italy

Last post: 72 days
Last view: 3 hours
This is my page rendering handler:


<?php

$pageArr = explode('/', $_SERVER['REQUEST_URI']);
array_shift($pageArr);
array_shift($pageArr);

$pageArr = array_map('htmlspecialchars', $pageArr); // prevents XSS

$pagename = explode('?', $pageArr[0], 2)[0];

if(file_exists('pages/'.$pagename.'.html')) {
echo file_get_contents('pages/'.$pagename.'.html');
} else if($pagename == '') {
echo file_get_contents('pages/main.html');
} else {
echo file_get_contents('pages/notfound.html');
}

?>


Though you need a .htaccess rule to achieve this, see https://stackoverflow.com/a/51362256/7486110

StapleButter
Posted on 07-26-18 04:45 PM Link | ID: 138630
Developer
there was a girl
Level: 73


Posts: 1601/1649
EXP: 3372899
Next: 112969

Since: 01-05-12
From: France

Last post: 1 day
Last view: 1 day
you don't seem to really know what XSS is...


also, while you're at it with .htaccess-level URL rewriting, might as well just rewrite it to page.php?shit=foo&crap=bar so there's less overhead on the PHP side (you don't have to do decoding/etc there). but whatever, this works too.

____________________
Kuribo64 - melonDS

want some revolution in your coffee?

Moonlight Capital
Posted on 07-26-18 04:56 PM Link | ID: 138633
Click here for catgirls
Level: 28


Posts: 234/241
EXP: 116168
Next: 15170

Since: 04-26-16
From: Italy

Last post: 72 days
Last view: 3 hours
Posted by StapleButter
also, while you're at it with .htaccess-level URL rewriting, might as well just rewrite it to page.php?shit=foo&crap=bar so there's less overhead on the PHP side (you don't have to do decoding/etc there). but whatever, this works too.


I used to do it that way, but url rewriting was hard if you had parameters with different names.

Next newer thread | Next older thread
Main - msg db 'Computer Address',0xa - php struggles


Acmlmboard v2.5.4 (10/13/2018)
© 2005-2018 Acmlm, Emuz, et al.

Page rendered in 0.346 seconds. (635KB of memory used)
MySQL - queries: 87, rows: 480/513, time: 0.310 seconds.