This is my first time using CMSMS and after researching, I found I had to use the User Defined Tags (UDTs) to use custom php. I did that successfully and all my code worked. I wanted to include a php file for mobile detection, but when I do and refresh the page, it's just a completely blank page.
When I view the source, it's entirely empty. I have an if statement after the include and narrowed it down to the include line being the problem. It's very simple:
include '/Mobile-Detect.php';
$detect = new Mobile_Detect;
// any mobile device (phones or tablets)
if($detect->isMobile()){
if(!$_COOKIE['ppc'] == 'true'){
header('Location: /mobile');
}else{
header('Location: /mobile?ppc=true');
}
}
So I'm not sure why other blocks of code I have in other UDTs works and the include doesn't even throw an error. Hopefully a more experienced CMSMSer can help me out on this.
Thank you
I got around it by editing the include.php file at the root level. I first had to check if it was an admin page or not since the file is included in the front and back end. Then ran my code to check for mobile devices.
End result:
if(!isset($CMS_ADMIN_PAGE)){
// code to be executed on non-admin pages
}
Note:
I also tried javascript, but in the UDT it was expecting php, so I added it to the template and then it was trying to render the curly braces in my if statement as smarty tags. So annoying.
Related
the dilemma I have is my website index.php calls to a template php file on a button press like this:
case 'main':
$page = getTemplate('main.php', array('user'=>$user));
echo $page;
break;
This main.php template file is in a folder in "/var/www/template/" How do I stop people going to: domain.com/template/main.php and viewing the code for that page. I think the solution would be to make the localhost be able to pull the it and display it rather than the user or something along those lines. Any help would be appreciated thank you.
Like a comment said, the PHP file will not be printed, it will print the HTML result that the php file produce.
Maybe it produces some errors indicating vulnerabilities to a potential attacker ? If that's your case, you should handle this directly into the php code or use a .htaccess at the root of your site. You can't find some help there.
How to deny access to a file in .htaccess
Managed to fix this by putting this at the top of the php page I wanted to render:
<?php
if (!isset($_GET['page'])) {
header('Location: /main');
exit();
}
?>
This means if someone goes "domain.com/template/main.php" to attempt to view the source code, it will redirect them back to the main webpage for my site. Thanks for your suggestions however.
I would like to include at the beginning of my script a PHP file that open a IF condition. Then i write my script, and to finish I include another PHP file that close the conditon.
This bring me to a "Parse error: syntax error, unexpected end of file in ..." error.
This will be better to understand with this simple example :
header.php
if(aConditionalTest()) {
footer.php
} // endIf
mypage.php
include_once 'header.php';
echo 'my awesome content';
include_once 'footer.php';
FYI: I would like to do this for example :
to check everywhere that a user is authorized before displaying the content
implement a webpage caching system (see http://www.phpfastcache.com/ in "Example" section, "Caching Whole Webpage")
THANKS!
edit : Explain more precisely WHY I want to do this for using phpfastcache :
http://www.phpfastcache.com/ says :
Caching Whole Webpage PHP Cache whole web page :
You can use phpFastCache to cache the whole webpage easy too. This is simple
example, but in real code, you should split it to 2 files:
cache_start.php and cache_end.php. The cache_start.php will store the
beginning code until ob_start(); and the cache_end.php will start from
GET HTML WEBPAGE. Then, your index.php will include cache_start.php on
beginning and cache_end.php at the end of file.
That's just what I try to do!
According to their piece of code below, this brings to the situation where the condition is opened in "cache_start.php" and then closed in "cache_end.php"
cache_start.php
use phpFastCache\CacheManager;
$cache = CacheManager::Memcached();
$keyword_webpage = md5($_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'].$_SERVER['QUERY_STRING']);
// try to get from Cache first.
$resultsItem = $cache->getItem($keyword_webpage)
if(!$resultsItem->isHit()) {
ob_start();
cache_end.php
// GET HTML WEBPAGE
$html = ob_get_contents();
$resultsItem->set($html)->expireAfter(1800);
$cache->save($resultsItem);
}
echo $resultsItem->get();
mypage.php
include_once 'cache_start.php';
// my awesome content to cache goes here...
include_once 'cache_end.php';
myotherpage.php
include_once 'cache_start.php';
// my other great content to cache goes here...
include_once 'cache_end.php';
So the reason WHY I want to put the phpfastcache code in 2 separate files is that I have many different PHP pages to cache, so I would like to avoir repeating all this code on each page...
Hope this edit will help you better understand why I would do that, even if I understood, as I feared, that is is not possible.
Give it a try:
how can I achieve this ?
Do it the evil way and eval all instead of including :) Like
eval(file_get_contents('header.php').'<?php echo "my awesome content";?>'.file_get_contents('footer.php'));
That can be a solution, if you want to join the dark side :)
SideNote: In this solution, you have to keep an eye on global variables!!
But please, thing about the fact, that you want to spread conditions over seperate files, what in my opinion is very very very bad practise.
Did i really answer this 8]
I try it in other way.
Only rule: works only in global space (where else :-))
So you want to open an if() in cache_start.php and close it cache_end.php. (for ob_cache reasons)
But if the condition isn't changed why not doing the condition twice!
In each file test for if(condition)!
Or set up an variabale like $cach_op_started=true and test for it in the second if() in cache_end.php
Thing boths should work for you.
Its a little funny that i didnt see that solution at the first time :)
Last Note:
You can also use auto prepend and append files in PHP if you want to.
That can be configurated in php.ini.
The files will automaticly loaded before and after an script, always.
http://www.webdevsecrets.com/using-phps-auto_prepend_file-and-auto_append_file/
Have a nice time.
So I understand that the problem is that when you don't want a certain user to see the contents of a page, the rest of the page isn't loaded and that is whats causing the error?
If so, why don't you just always include the files and in the specific page you set the conditions for who can view what?
I use ob_start() in my header, and ob_end_flush in my footer which works great.
and then check with my SESSION variables on the specific page's content if the logged in user has the right to see the content, else display a message like:"You are not authorized to see this content"
I cant find specific answer for my problem. So what I'm trying to do is to define index page by using only index.php. This is my code so far:
<?php
if(isset($_GET['page'])){
if(!$_GET['page']){
include "template/home.php";
}
if($_GET['page']=="gallery"){
include "template/gallery.php";
}
}
?>
When I'm trying to open it on local host there is nothing only white screen without any errors. Only thing that makes me problem is this string, but still without any errors, can't find what problem is...
if(!$_GET['page']){
include "template/home.php";
}
I was trying to find on internet solution, but there was nothing helpful, hope u can help me :)
The issue is that you're contradicting yourself in your code. Your example reads like this: "If page is set, proceed. Then, if page is not set, include the home page, if page is gallery, then include the gallery page." Do you see the issue? The isset() check will ensure that the code with the negation operator ! is not run.
The solution is to move that code outside of the primary if block.
try this code
<?php
if(isset($_GET['page'])){
if($_GET['page']=="gallery"){
include "template/gallery.php";
}
}
else{
include "template/home.php";
}
?>
I am pretty new to this and 'enjoying' some of the frustrations and long hours associated with learning something new. Anyway! I want to get my php script to do the following:
A) See if the form at the bottom of the page (in the footer of each of the pages of the website) has been triggered using a hidden input.
B) Open the table in the database and do some stuff to it.
C) Depending on the outcome of this, stop processing, forget everything and go to one of two new php pages; either 'thanks for joining' or 'already a member'.
A and B are working splendidly and C is refusing to work no matter what i do. I have tried using header("Location: http://www.xxx.co.uk/xxx.php");
in just about every part of the page and with all the various subtle changes - single quote, double quote, space after Location, etc. that i have seen used on other answers.
If i issue an exit after the header() command then it does this and i just get a totally white page and nothing, if i don't exit then the page that i was just on comes back unchanged.
I have read the other posts on this subject and see that there is a complication with header to do with an error about header already having been called, but i don't understand the answer and I am not seeing an error, it just will not redirect.
I have tried moving all the php to the top of the page before even the opening doctype declaration and still no dice.
Could it be something to do with the structure of my pages which is as follows:
Each php starts with an include_once for a header.php and ends with an include_once for a footer.php. Inside the header I start with an include_once for a php fuctions file and then some html and then check to see if my footer form was used.
Can somebody explain the limitation with the header() command in simple terms so that i can see whether i am going to be able to use it or whether i will need to redesign my whole strategy.
Here is some code:
One of the pages:
<?
include_once ("includes/header.php");
?>
HTML distinct to page
<?
include_once ("includes/footer.php");
?>
The Header file:
<? include_once("includes/functions.php"); ?>
In here is just the logon script for the database and a global variable for the logon...
<?
if (isset($_POST['submitfoot'])) {
Code to send me an email to tell me what is happening...
/* log on to database */
openDB();
/*tidy fields and check for existing record */
$tidyemail = trim($_POST['footemail']);
$tidyname = trim($_POST['footname']);
$sql_email = "SELECT id FROM subscribers WHERE email = '".$tidyemail."'";
$check_res = mysqli_query($mysqli, $sql_email) or die(mysqli_error($mysqli));
if (mysqli_num_rows($check_res) < 1) {
/* free result add the new record */
mysqli_free_result($check_res);
$add_sql = "INSERT INTO subscribers (name,email,date,sub) VALUES('".$tidyname."','".$tidyemail."',CURDATE(),1)";
$add_res = mysqli_query($mysqli, $add_sql) or die(mysqli_error($mysqli));
/* redirect to thanks page */
header("Location: http://www.xxx.co.uk/thanks.php");
} else {
/* redirect to already subscribed page */
header("Location: http://www.xxx.co.uk/subalready.php");
}
}
?>
Then there is the rest of the HTML including js script headers, page header, page body with common menu system for all pages etc.
I realise that the code here on the forum is a mess, but it is much neater in the actual files, so apologies for any difficulty.
Thank you in advance for any guidance that will stop me from going insane with this problem.
EDIT
Thank you showdev - i now have enabled errors as you recommended: I get this:
Warning: Cannot modify header information - headers already sent by (output started at /homepages/9/d302209163/htdocs/includes/header.php:9) in /homepages/9/d302209163/htdocs/includes/header.php on line 59
So this is the problem that previous questions have faced i beleive. Can anybody, gently, tell me how to sort this out please.
Thanks...
have you already tried instead of using:
header("Location: http://www.xxx.co.uk/thanks.php");
and
header("Location: http://www.xxx.co.uk/subalready.php");
try changing it to:
header("Location:thanks.php");
and
header("Location:subalready.php");
I just assumed that they are both contained in your WWW folder you don't need to have to add the url anymore.
I am trying to hide my websites cms application...
So i thought i would add a bit of php to any random page on my site, that includes a GET referance to some random string... So basically, if you go to x page, and add ?RANDOMSTRING the cms index is included. This is stored above the web root... Here is the peice of php:
if (isset($_GET['J7sd-H3sc9-As3R']))
{
require_once($docRoot . '/../../includes/admin/index.php');
}
Basically, index.php is laid out as a page with 3 fieldsets. In the 3 field sets are various links relating to various applications that deal with various tasks. They were accessed through the same means as the above code. And they were held in the web root and were able to be accessed via http...
That all worked perfectly fine, But the problem now comes when i try to access any specific part of the cms...so what would have been:
http://www.mysite.com/admin/part/
is now:
include($_SERVER['DOCUMENT_ROOT'] . '/../../includes/admin/part/index.php');
Or something of the sort...
So now when i go to my page at
http://www.mysite.com/randomDirectory/
and add:
http://www.mysite.com/randomDirectory/?J7sd-H3sc9-As3R
I get sent to my cms... Cool... But when i try to click on any section i get this header:
http://www.mysite.com/randomDirectory/?part
and the page gets refreshed to:
http://www.mysite.com/randomDirectory/
If that makes sense...
Could any provide me with any input or suggestions regarding the task that i am trying to accomplish? I am not sure if it is even possible to start off with, but it seems simple enough.
Any replies would be greatly appreciated, Thanks!
I guess you should append at the end of every link in your page something like
<?php if (isset($_GET['J7sd-H3sc9-As3R'])) echo '?J7sd-H3sc9-As3R'; ?>
Example:
http://www.mysite.com/randomDirectory/randomPage<?php if (isset($_GET['J7sd-H3sc9-As3R'])) echo '?J7sd-H3sc9-As3R'; ?>
edit
An easier way to do this would be to use sessions, in this way:
<?php
session_start();
if (isset($_GET['J7sd-H3sc9-As3R']))
{
$_SESSION['token'] = 'J7sd-H3sc9-As3R';
}
if (!isset($_SESSION['token']) || $_SESSION['token'] !== 'J7sd-H3sc9-As3R')
{
exit;
}
// go on with your page
?>
In this way, when you open a page with your token in the url, the session is started and the token is saved in the session, so it should work without the need to insert the token in every url until you close your browser.