Let's say I have a application hosted on www.example.com, I did a seo check it says that www.example.com redirects to www.exmaple.com
Also to double check i used the below code to check some input params
$page = explode("/", $_SERVER['REQUEST_URI'])[1];
echo $page;
When I ran the above code on url www.example.com/about it returned about about twice also when I ran the same code on www.example.com/some-url-here it returned some-url-heresome-url-here what's the catch? why is the application functioning like this.
Related
I have a MediaWiki 1.32.0 website. MediaWiki website directories contains the file LocalSettings.php in which one could write global custom PHP.
As a non PHP programmer I ask if there is some PHP command I could use to restrict access to a certain existing webpage, by that webpage's URL, so that any web request to create it('s HTML) would be denied, either resulting in some 404-like HTTP status code, or a redirection to homepage, as long as that command appears in LocalSettings.php?
I would prefer a PHP way instead an Apache PCRE directive in .htacess. Also, I should note that the URL is already blocked by robots.txt.
You can get the requested URL in PHP like this:
$_SERVER['REQUEST_URI'];
And deny access to a page like this:
$url = $_SERVER['REQUEST_URI'];
if ($url == "/wiki/blocked_page") die('404 error here');
Or redirect to your home page like this:
$url = $_SERVER['REQUEST_URI'];
if ($url == "/wiki/blocked_page") header('Location: /');
Note: request_url is everything after your domain name.
If your URL is https://example.com/wiki/blocked_page request_url would return "/wiki/blocked_page".
A strange problem is happening on my site . I want to get JSON data from query string so I request a url something like this http://myurl.com/?get_json.php={"created":"now"} but this gives me a 404 error . But the other query string works just fine I mean when I add {" : "} this permeter the url does not work. I am pretty sure this a problem in my server side configuration beacause when I try the same url in other site from different hosting the url just works fine . How can I configure my site to get this work?
Not working https://altahleel.com/new.php?order=%7B%22created%22%3A%22-%22%7D but this is working https://dainikalorprotidin.com/t.php?ts=%7B%22created%22%3A%22-%22%7D
before redirect to url parse with url_encode($url)
This is my tiny url function
private function getTinyUrl($url) {
return file_get_contents("http://tinyurl.com/api-create.php?url=".$url);
}
the output is something like http://tinyurl.com/nj76pbs so thats good.
But when I use the url, it takes me to
tinyurl.com/mywebsite.com/code?=fqhfkqhiurhg98y
and i get a 404 not found. What to do?
I'm thinking it's because your $url doesn't contain "http://" or "https://". Because of this, when tinyURL attempts a redirect, it stays within the tinyurl domain. Does your $url variable have http or https? If it always wont, you can just add it to the file_get_contents call.
Also, file_get_contents won't work on all servers. Sometimes it's restricted. I'd recommend attempting to do this with CURL if you get the chance.
You're missing the http://, https:// in front of the URL. You can possible add a check in your function to auto prefix this if needed.
When I try to redirect page using the header('Location: ...') function it is appending the redirect URL to current pages URL instead.
For Example, my current page is http://www.example1.com.
I have created a simple file called test.php with the code below in it:
header('Location: http://www.example2.com');
However it is currently redirecting the page to http://www.example1.com/http://www.example2.com instead of http://www.example2.com.
Any suggestion what should be the issue?
This issue has arisen after moving the site to a new server. I am running the site by doing host entry.
I'm trying to blocked website based proxy's. These are normally in the format of:
http://3.hidemyass.com/ip-8/encoded/Oi8vZ29kbGV5ZGVzaWduLmNvLnVrL0xDcmVkaXJlY3QvZnVuY3Rpb25zL2Z1bmN0aW9
My theory of blocking these is to get the URL of the address bar and check that it's actually direct access to my site, rather than visiting via a website proxy.
However, when i try to visit my site and attempt to capture the url of the user it still reports that its my sites url.. not this web based proxy one.
I've tried the following ways of detecting it:
$url= $_SERVER['HTTP_HOST']; //get the url
$url = $_SERVER["SERVER_NAME"];
any ideas on how to resolve this?
UPDATE
Ok i've rewrote part of this, however it always seems to be returning false... the $url is being passed correct as i can echo this out within the function. However it doesnt seem to be matching and returning false
<script>
var url = window.location.href;
<?php $url = "<script>document.write(url)</script>"; ?>
</script>
<?php
//
function checkURLIsSafe($url){
if(preg_match('/www/',$url)){
echo 'true';
} else {
echo 'false';
}
}
checkURLIsSafe($url);
?>
PHP runs on the server. It can only see the URL that was requested from it.
hidemyass.com will be requesting the normal URL from your server. There is no way to tell what URL the browser requested from hidemyass.com.
Approaches you could take include:
Checking the source ip against a list of known proxies
Using client-side JavaScript to read location.href
You cant do it with PHP only. What you can do is to check window.location.href with javascript, and if it's incorrect, send ajax request to server, which will block IP address.