Dangers of php file inside an iframe? - php

After realising that my web server wouldn't run php inside my html file I used an iframe which points to my php script.
It works as expected and now my site has a nice little comment form that the user can fill in and submit.
I opted for this instead of changing my httpd.conf because I don't think my web host allows it.
So my question is: is there any real danger of doing this? If the comment.php file were to mysteriously disappear an error would appear in my html which wouldn't affect the rest of my code. I can't think of any drawbacks unless there's some server overhead I'm unaware of.
Any information would be welcomed.
Cheers!

If they (the html and php files) are located on the same server — should be no danger.

Just to clarify :
If you can 'run' the php in an iFrame, then you're able to run it in the main frame as well. The php that is generated for your iframe could as well be generated for the main frame.
So, no, there is no danger at all, but no, you don't need an iframe. I think you misunderstood somehow how php is working.
There is no php in html, php is (simplified) used in 2 scenarios :
first is to generate html that will be sent to the web browser,
the second is a script, that doesn't render any php but affects some internal files, like databases and such.

Related

cURL PHP - load a fully page

I am currently trying to load an HTML page via cURL. I can retrieve the HTML content, but part is loaded later via scripting (AJAX POST). I can not recover the HTML part (this is a table).
Is it possible to load a page entirely?
Thank you for your answers
No, you cannot do this.
CURL does nothing more than download a file from a URL -- it doesn't care whether it's HTML, Javascript, an image, a spreadsheet, or any other arbitrary data; it just downloads. It doesn't run anything or parse anything or display anything, it just downloads.
You are asking for something more than that. You need to download, parse the result as HTML, then run some Javascript that downloads something else, then run more Javascript that parses that result into more HTML and inserts it into the original HTML.
What you're basically looking for is a full-blown web browser, not CURL.
Since your goal involves "running some Javascript code", it should be fairly clear that it is not achievable without having a Javascript interpreter available. This means that it is obviously not going to work inside of a PHP program (*). You're going to need to move beyond PHP. You're going to need a browser.
The solution I'd suggest is to use a very specialised browser called PhantomJS. This is actually a full Webkit browser, but without a user interface. It's specifically designed for automated testing of websites and other similar tasks. Your requirement fits it pretty well: write a script to get PhantomJS to open your URL, wait for the table to finish rendering, and grab the finished HTML code.
You'll need to install PhantomJS on your server, and then use a library like this one to control it from your PHP code.
I hope that helps.
(*) yes, I'm aware of the PHP extension that provides a JS interpreter inside of PHP, and it would provide a way to solve the problem, but it's experimental, unfinished, would be still difficult to implement as a solution, and I don't think it's a particularly good idea anyway, so let's not consider it for the purposes of this answer.
No, the only way you can do that is if you make a separate curl request to the ajax request and put the two results together afterwards.

How to include the static HTML results of a dynamic Javascript page in PHP?

I have a small script that pulls HTML from another site using Javascript.
I want to include that static HTML that gets pulled in a PHP page without any of the Javascript code appearing in the final PHP page that gets displayed.
I tried doing an include of the file with the Javascript code in the PHP page, but it just included the actual Javascript and not the results of the Javascript.
So how would I go about doing this?
You would need to fetch the page, execute the JavaScript in it, then extract the data you wanted from the generated DOM.
The usual approach to this is to use a web automation tool such as Selenium.
You simply can't.
You need to understand that PHP and Javascript operate on different places, PHP on the server and Javascript on the client.
Your only solution is to change the way all this is done and use "file_get_contents(url)" from PHP to get the same content your javascript used to get. This way, there is no javascript anymore and you can still pre-process your page with distant content.
You wouldn't be able to do this directly from within PHP, since you'd need to run Javascript code.
I'd suggest passing the URL (and any required actions such as click event, etc) to a headless browser such as Phantom or Zombie, and capturing the DOM from it once the JS engine has done its work.
You could also use a real browser, but of course you don't need a UI in your case, and it might actually get in the way of what you're trying to do, so a headless browser might be better.
This sort of thing would normally be used for automated testing of a site (ie Functional Testing).
There is a PHP tool named Mink which can run these sorts of scripts from within a PHP program. It is aimed at writing test scripts, but I would imagine you could use it for your purposes.
Hope that helps.

Dreamweaver shows inactive design button for php file

I am using Dreamweaver CS5. It works normally for all file types except for php files.
Whenever I create or open a php file, Dreamweaver shows an inactive Design and Split button on the menu and tab. Only the Code button is active.
Is there any solution to enable or activate the Design button for php files?
Please help
Php cannot be previewed as simply as html can, unfortunately, since it needs to be interpreted to run. It is possible to set up a testing server which will then link in with Dreamweaver and allow you to see the code you write visually, but this isn't as simple as turning a parameter on.
Check out http://www.adobe.com/devnet/dreamweaver/articles/setup_testing_server.html for information on how to achieve this.
Failing that, you could always rename your files to [filename].html while you're working on them? This would show the php code as plain text in the design view, but if you're happy with that then it's a simpler solution that could work for you.
PHP is a server-side language; it is processed at the server side and the resulting HTML is sent to the client (a web browser, generally) from where the page request originated.
Since Dreamweaver does not have any inbuilt PHP engine or server capabilities, it would be difficult (most probably impossible) to get an active view of your PHP page from Dreamweaver as it is, using only the capabilities of Dreamweaver.
So, to solve this you can set up some external server like XAMPP, WAMP, etc. and create a project in Dreamweaver with the server settings specified. By doing this you should be able to get a Design view of your PHP code in Dreamweaver. For the exact steps to do this, please refer to:
http://www.adobe.com/devnet/dreamweaver/articles/setup_php.html
Courtesy: http://forums.oscommerce.com/topic/386240-open-the-indexphp-in-design-view-in-dreamweaver-cs5/

How to include output of PHP script in Python driven Plone site?

I need to have the output of a PHP snippet in a Plone site. It was delivered to be a small library that has a display() function, in PHP, that outputs a line of text. But I need to put it in a Plone site. Do you have any recommendations?
I was thinking along the lines of having a display.php that just runs display() and from the Plone template to download that URL and output the content. Do you think it might work? What methods of hitting a URL, retrieving the content and outputting it can I use from inside a Plone template?
One important and critical constraint is that the output should be directly in the HTML and not in an iframe. This is a constraint coming from the outside, nothing technical.
Another option is to run the PHP script on the server using os.popen, then just printing the output. Quick and dirty example:
import os
# Run the PHP CLI and print whatever the script writes to stdout.
print(os.popen('php YourScript.php').read())
Well, use AJAX to call the PHP script (yes, you will need apache) and display the output. Adding a custom JS to plone is trivial and this abstract the technology issue.
Just be sure this is not a critical feature. Some users still deactivate JS and the web page should therefore degrade nicely.
Probably the easiest way: install windowz inside your site. That way you get a page with an iframe in your plone layout. Make sure the php script outputs a regular html page and configure your windowz page with that url. Done.
Works great for existing in-company phonebook applications and so.

Best Practice: Legitimate Cross-Site Scripting

While cross-site scripting is generally regarded as negative, I've run into several situations where it's necessary.
I was recently working within the confines of a very limiting content management system. I needed to include database code within the page, but the hosting server didn't have anything usable available. I set up a couple bare-bones scripts on my own server, originally thinking that I could use AJAX to import the contents of my scripts directly into the template of the CMS (thus retaining dynamic images, menu items, CSS, etc.). I was wrong.
Due to the limitations of XMLHttpRequest objects, it's not possible to grab content from a different domain. So I thought iFrame - even though I'm not a fan of frames, I thought that I could create a frame that matched the width and height of the content so that it would appear native. Again, I was blocked by cross-site scripting "protections." While I could indeed load a remote file into the iFrame, I couldn't execute JavaScript to modify its size on either the host page or inside the loaded page.
In this particular scenario, I wasn't able to point a subdomain to my server. I also couldn't create a script on the CMS server that could proxy content from my server, so my last thought was to use a remote JavaScript.
A remote JavaScript works. It breaks when the user has JavaScript disabled, which is a downside; but it works. The "problem" I was having with using a remote JavaScript was that I had to use the JS function document.write() to output any content. Any output that isn't JS causes script errors. In addition to using document.write() for every line, you also have to ensure that the content is escaped - or else you end up with more script errors.
My solution was as follows:
My script received a GET parameter ("page") and then looked for the file ({$page}.php), and read the contents into a variable. However, I had to use awkward buffering techniques in order to actually execute the included scripts (for things like database interaction) then strip the final content of all line break characters (\n) followed by escaping all required characters. The end result is that my original script (which outputs JavaScript) accesses seemingly "standard" scripts on my server and converts their standard output to JavaScript for displaying within the CMS template.
While this solution works, it seems like there may be a better way to accomplish the same thing. What is the best way to make cross-site scripting work specifically for the purpose of including content from a completely different domain?
You've got three choices:
Create a server side proxy script.
Create a remote script to read in remote dynamic HTML. Use a library like jQuery to make this easier. You can use the load function to inject HTML where needed. EDIT What I originally meant for example # 2 was utilizing JSONP, which requires the server side script to recognize the "callback=?" param.
Use a client side Flash proxy and setup a crossdomain.xml file on your server's web root.
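A hardened form of the loader described in the question, with the JSONP variant from the answer above, as an added example that is not the poster's code. The allowlist, the function names and the constructed menu.php fragment are assumptions made for illustration.

```php
<?php
// Constructed fragment standing in for one of the "standard" scripts on the content server.
$dir = sys_get_temp_dir() . '/fragments_demo';
if (!is_dir($dir)) {
    mkdir($dir, 0700);
}
file_put_contents($dir . '/menu.php', '<p><?= htmlspecialchars("a < b") ?></p>' . "\n");

// Allowlist (assumed layout): request value => file. The request value never becomes a path.
$pages = ['menu' => $dir . '/menu.php'];

function render_fragment(array $pages, string $page): ?string
{
    if (!isset($pages[$page])) {
        return null;                 // unknown name: nothing is opened or included
    }
    ob_start();                      // run the script and capture what it prints
    include $pages[$page];
    return ob_get_clean();
}

function to_script(string $html, ?string $callback): ?string
{
    // JSON_HEX_* escapes <, >, &, ' and ", so "</script>" in the content cannot end the block.
    $literal = json_encode($html, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($literal === false) {
        return null;                 // content was not valid UTF-8
    }
    if ($callback === null) {
        return "document.write($literal);";
    }
    // JSONP: the callback name is echoed into executable script, so accept an identifier only.
    if (!preg_match('/\A[A-Za-z_$][A-Za-z0-9_$]{0,63}\z/', $callback)) {
        return null;
    }
    return $callback . "($literal);";
}

// Constructed requests: [page, callback] as they would arrive in $_GET.
$requests = [['menu', null], ['menu', 'showMenu'], ['../menu', null], ['menu', 'bad name()']];
foreach ($requests as [$page, $callback]) {
    $html = render_fragment($pages, $page);
    $js = $html === null ? null : to_script($html, $callback);
    // A real endpoint would send Content-Type: application/javascript, or a 4xx when $js is null.
    echo $js ?? '/* rejected */', "\n";
}
```

Encoding the whole captured output with json_encode replaces the manual line-break stripping and character escaping, and the last two constructed requests are rejected before any file is touched or any script is emitted.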
Personally, I would call to that other domain on the server and get and parse the data there for use in your page. That way you avoid any problems and you get the power of a server-side language/platform for getting and parsing the data.
Not sure if that would work for your specific scenario...hard to know even with your verbose description...
You could try easyXDM, by including very little code, you can pass data or method calls between documents of different domains.
I've come across that YDN server side proxy script before. It says it's built to work with Yahoo's Search APIs.
Will it work with any domain, if you simply trim the Yahoo API code out? Or do you need to replace it with the domain you want it to work with?
iframe remote content can be accessed by local javascript.
The remote server just has to set the document.domain of the page.
Eg:
Site A contain an iframe with src='Site B/home.php'
home.php looks like this :
[php stuff]...[/php]
[script type='text/javascript']document.domain='Site A'[/script]
