I have an issue parsing PHP in HTML Files.
I am using an install of Vesta and the domain is running fine. The site in question has
AddType application/x-httpd-php4 .htm .html
# and
AddType application/x-httpd-php5 .htm .html
in the .htaccess, which before I moved server it was allowing php to run in html. I have also tried every single variant of this which I have found on stack overflow and none of them are working.
I can't figure out for the life of me why its not now working?
Has anybody got any ideas?
Thank you
Dan Williams
Since your server will not allow you to use PHP in HTML, just rewrite all .html requests to php in .htaccess:
RewriteEngine On
RewriteRule ^(.*)\.html$ $1.php [L]
Should solve the problem. (https://stackoverflow.com/a/5990276/2119863)
Why won't it parse PHP in HTML?
The more types of files the server needs to push through the php interpreter, the more memory, processor and electricity it will consume. It's like with cars and trucks. Cars do not haul big trailors for a reason - trucks have much bigger engines and take the load but leave a bigger carbon footprint.
The second reason is the separation of functionalities. Seeing a html file, you should be 100% confident - across all and any servers - that this file will not print_r($_SERVER);. And when seeing a php file, you should be confident it performs some dynamic actions. And just like you shouldn't expect a nurse to build houses, neither should you expect HTML to parse PHP. :)
Related
I've been setting up an environment for html/php using Apache Lounge. Although my html worked fine, I started noticing issues after I tried to embed php. When I do only php, it just prints everything how it is, including the tags. When I try to embed it in html, it simply skips over all php parts, but sometimes prints the tags randomly. Yes, my file is .php. When looking at other people's similar questions, I found many saying to AddHandler application/x-httpd-php7 .html or AddType application/x-httpd-php .html. However, I have no such file anywhere, and both people who suggested that were using XAMPP. Any ideas? Thanks!
I maintain a website that contains a dozen or so .html documents which I have just rewritten to include php code. As search engines currently index the .html documents, I would rather not break those links and I certainly don't want to do anything that will affect my search rankings. I understand I have a couple of choices.
Option 1 is to replace all the .html extensions on my documents with .php, and then update .htaccess so that requests for .html documents are rewritten/redirected to the corresponding .php documents (as suggested here).
If I want to make this a permanent (301) redirection, so that the search engine links are replaced the next time my site is crawled, is this the correct way to do this?
RewriteEngine On
RewriteRule ^(.*)\.html$ $1.php [L,R301]
Option 2 would be to instruct the webserver to send all html documents through the php parser (as suggested here), which means the .html extension on the the files doesn't need to be changed at all:
AddType application/x-httpd-php .htm .html
So I see two viable choices. Is one better than the other (or can you think of a better one)?
The first method means you need to rename all of your html files to php files and for a little while, a marginal amount of extra traffic for the redirects.
The second method means you don't need to change anything at all and html files get processed by the PHP handler like php files do.
First method is more work but it also means your site is more portable. Meaning that if you copy your site to a new host that, say, doesn't give you the ability to change the handler types, then you will still be fine because your files end with the php extension.
The second method is less work and won't require search engines to re-index your site but will make your site a little less portable.
Note that you can also use mod_alias to redirect:
RedirectMatch 301 ^/(.*).html$ /$1.php
Since I want to have PHP code run properly on my website, should I add
AddType application/x-httpd-php .html
to my htaccess file, or just change all of my *.html files into *.php files?
I've heard that changing the file extension to *.php causes the website to load slower, but I'm wondering if changing the htaccess file does the same.
Either way, the files will be passed through the PHP interpreter, making them ever-so-slightly slower than if they were plain HTML files directly served down. It's the same process however you set it up. The difference in speed from plain HTML is going to be quite small unless you have a lot of dynamic PHP in there. Given that you are considering renaming existing files from .html to .php, I suspect you don't have much PHP code in there already (or any).
So it doesn't really matter which way you handle it.
However...
Leaving them as .html has the possible disadvantage that if you ever forget to setup this configuration, you could wind up serving raw PHP code to the browser, which might include your database connection details or other secrets.
it does exactly the same. .php is not slower than html, html is not slower than php, just a different setting in your webserver config.
AddType application/x-httpd-php .html would be a fraction slower, as apache load this line dynamically. If you set it in httpd.conf it would be exactly the same.
Agree with Michael that you need to be careful with renaming them HTML and having the chance that it not be setup, or your host provider do something screwy with your account.
If you do this, make sure any database/password files remain as PHP that you simply include in your HTML file.
Are there any security / performance concerns if we set the Apache web server to configure Apache to handle all HTML as PHP? I was specifically referring to:
AddType application/x-httpd-php .php .php3 .php4 .html
I was in a situation where I needed to add some PHP logic into some HTML files; ideally, I didn't have to change the filename e.g. page.html to page.php (to keep the page rank, etc. for page.html).
This is related to the following question: httpd AddType directive
Edits:
From the existing answers / comments below, it looks like the community suggests to either use redirects or only target specific HTML files. The constraint is that I am redesigning an existing site (400+ HTML pages; each of them uses some sort of Dreamweaver template that pulls in the header and footer from different files). I was hoping to completely shy away from Dreamweaver move into something non-proprietary. So, I am down with two options:
Use Server Side Includes (SSI) to pull in the header and footer. This will result in all my HTML files to be decorated with SSI.
Sprinkle some PHP snippet to include the header and footer. For this choice, I have to make sure the file name stays unchanged.
The more files the server determines it needs to pass through the PHP interpreter, the more overhead involved, but I think this goes without saying. If your site does not have ANY pages with plain HTML, then you're already paying all the performance penalties that you could possibly pay - adding HTML to the list is no different in this case than simply renaming all the files to have a .php extension.
The real performance penalty would come if you do have plain HTML pages - the server will needlessly pass these pages to PHP for interpretation when none is necessary. But even then, it isn't dramatic - the PHP interpreter won't be needed for those HTML pages, so it won't do anything aside from determining that it doesn't need to do anything. This has a cost, but it isn't significant.
Now, if we're talking high-volume here, every little bit of performance matters and this would not be a practicable solution. For low- to mid-volume sites, however, the performance penalty would be nill.
If this is a one-time change and there are a limited number of files that are affected, then it may be more conservative to use a FilesMatch directive.
<FilesMatch "^(file_one|file_two|file_three)\.html$">
AddType application/x-httpd-php .html
</FilesMatch>
I disagree with Tuga. I don't think you should make this change for all your files. Anytime you deal with security, you should try to control the environment. Doing it only for one file is probably the safest. You could do something like
<FilesMatch "^file_name\.html$">
AddType application/x-httpd-php .html
</FilesMatch>
This will only match file_name.html and process it as .php where it is much safer to do this than treat ALL .html files as php.
Is there any problem with running HTML as PHP via .htaccess? such as security or best practices etc. was doing this to make URLs cleaner.
## run the following file types as php
Addhandler application/x-httpd-php .html .htm .rss .xml
Well ideally id like to have my URLs like
localhost/blog/posts/view.php?id=64
to be
localhost/projects/bittyPHP/bittyphp/posts/view/id-64
But having trouble accomplishing that without routing everything to one file and having PHP run determine the paths. I guess this is my real question
I would use mod rewrite.
Probably you do not need to run all html files as PHP, and if you have short_tags enabled "<?" in XML will give you trouble.
Keep in mind that you will run each and every of those files through the PHP handler then. If there is no PHP inside the files, the parser will still inspect them to see if there is any PHP in it. This adds some overhead, but it is likely neglectable in most setups.
Main issue I would say is performance. If you have a significant number of plain HTML files then you're creating unnecessary overhead by always running them through the PHP interpretter.
Best practice is not to do this, but use "friendly" URLS like mysite.com/item/123 and use mod_rewrite to convert them to mysite.com/displayitem.php?id=123 internally
Like many people have already stated, mod_rewrite is the best solution for accomplishing friendly URLs.
Sitepoint has a decent guide to getting started with mod_rewrite.