I'm using OctoberCMS, based on Laravel and Twig, with Nginx and PHP7.0-FPM.
I make a Page or Partial using the CMS Backend Editor. Can edit the HTML Markup and Code.
The Page will render as localhost/mypage and hides the php source code.
But I'm able to go to localhost/themes/mysite/pages/mypage.htm in the browser and view the Twig markup and PHP comments in plain text.
And on some pages I can view all of the PHP and Laravel code like connection to database names and tables.
Anything that is in function onStart() in the Code editor, even though its wrapped in php tags in the htm file.
mypage.htm output:
However when viewing a .php file, it only shows the output and not the source.
I tried to change the page file extension to php instead of htm but get the error.
Invalid file extension: php. Allowed extensions are: htm.
Have you setup nginx correctly to blacklist those and other unpermitted files? http://octobercms.com/docs/setup/configuration#nginx-configuration
Alternatively, you can take a whitelist approach to security and utilize the october:mirror command: http://octobercms.com/docs/setup/configuration#public-folder
Related
Using Google App Engine, I'm trying to display a PHP page that contains html, within which I have more html content from another source. I'm using a PHP tag to include the content, like so:
< ?php include "https://myfileURL.html"; ?>
But it does not show up in the page source code. The html file is in a "/HTML/" folder which is handled as a static_dir in app.yaml. I can access the URL from the browser and the content is there, but if I put that URL in the include tag I get nothing. I can even put bad URLs and I get no errors, no console output... just nothing. The page displays with white space in the middle of the source code.
Any idea what's going on here? Everything works perfectly in localhost.
Argh... backend process... need to catch errors in php, nevermind.
Reproduceable problem
In 2.0.3 "advanced" (Yii offers basic and advanced setup of a project) create an empty controller in the backend, like
public function actionTest()
{
}
and call it in the browser. You'll see an empty page. When looking at the source code, you'll see a lonely php tag.
<?php
This looks like a bug to me, as it does not happen in the frontend folder, just in backend folder. This is critical when you render out CSV files or so, it will break the file.
I'm unsure if this is a bug on my side or a real bug inside the framework.
This is a bug in Yii 2.0.3!
... caused by a lower-level and not-so-obvious whitespace problem in naked PHP files.
Tickets & more information:
https://github.com/githubjeka/yii2-rest/issues/3
https://github.com/yiisoft/yii2-app-advanced/issues/24
http://php.net/manual/en/language.basic-syntax.phptags.php#116883
How to fix this:
The problem in a nutshell: A PHP tag is <?php[whitespace character], not just <?php. Holy! Totally makes sense, but let's be honest, who would have known this instantly ?
Yii 2.x uses (in the advanced demo application) the "empty" file config/bootstrap.php, just containing a php tag <?php WITHOUT a whitespace directly after. When bootstrap.php is now loaded via index.php it is loaded as a text file containing <?php, not parsed as a PHP file.
You can fix this by simply added a whitespace directly after the tag.
I have an HTML file that has a rather long navigation menu inside of it. I want to take that menu out of the HTML and place it into an external PHP page and then call it with
<?php include 'navigation.php'; ?> in the HTML file.
I have tried just adding this into the HTML file but it doesn't display anything as well as no errors on the page.
What do I need to do (if it's even possible) to keep the files HTML and use the php require function?
Add this in in your httpd.conf and then you can process PHP code on HTML pages
AddHandler application/x-httpd-php .php .html
Q: Did you give the page a .php suffix? That should be all you need to do.
Remember the way PHP works - you basically "embed" your PHP code in an HTML page, and the server executes the PHP before it serves (the rest of) the HTML.
But in order for PHP to "see" your code, you need to make sure your "HTML page" has a .php suffix.
As a crude workaround, you can add ".html" to the list of file suffixes that PHP will parse.
But this could cause other things to break.
If you want to embed PHP code in your "index.html", the best, cleanest approach is to simply rename it "index.php".
IMHO...
I downloaded a Template + CSS File for a Website that I'm Building, the template worked well until I tried to break it down and put every code in its own file (for easy modification and editing in the future).
So, when I cut the head part which included (Title + Meta Data .. etc ), and put it in its own file, and replaced it (for sure) with an include() function, I lost the CSS styles and returned to the basic & standard style (Black & white with no extra format .. etc)
Where did I Go wrong? Knowing that here is the include function that I've used:
<?php
include 'files/head.php';
?>
With an URL like file:///C:/xampp/htdocs/test6/index.php PHP is NOT executed. You must run it with apache being involved. Currently you are opening your PHP script as a regular txt or html file - it is just passed to browser without processing.
In order to make include function work you must run it with apache. As you are using xamp, I think you should simply open it with URL like http://localhost/test6/index.php In this case, apache will get that request and pass it to PHP. PHP engine will interpret your PHP script and "replace" include files/head.php with a content of head.php.
If everything is Ok, after pressing Ctrl+U (or looking at HTML with Developer Tools or Firebug) you should see a content of head.php instead of <?php include ....
Please note that css files should be linked with relative URL like css/screen.css. Or absolute URL like http://localhost/test6/css/screen.css. like Search for relative and absolute URLs in google for more info.
I'm using Twig as a Template Engine.
I want to render my CSS files though Twig, with the advantage of macros.
The response I receive looks fine. But somehow if I include it, the HTML page doesn't recognise it as a css file.
When I include the real css files, the site works just fine.
The comparison of the received source code is exactly the same...
Although, Chrome displays the files differently.
It displays the rendered file on one line.
It is probably being interpreted as a HTML file.
The real css file is being displayed like the source code, on multiple lines.
You include both files with the extension of .css.
How can I fix this?
You say that you get the correct contents, but it's not interpreted as css. This could be because of an incorrect contenty-type header.
Css files should be sent as text/css, in Sf the default is text/html. In the action that renders your css make sure to set the correct header.
Perhaps you should take a look at LESS its more effizient instead of parsing your CSS files. With LESS you have a lot of possibilities to make blocks and reuse functions with variables.
Perhaps its an alternative for your problem.
Edit:
Template Suffix
Run CSS file through Twig when using {% stylesheets %} tag in Twig with Symfony2