PHP Script not always executing - php

I seem to be having problems with a PHP script which seems to have some intermittent problems.
Im hoping you can help. The php script is simply used to provide users with different stylesheets dependant on their HTTP agent. (I know this is not responsive mobile design)
This work is for a corporate project therefore unfortunately I cant share any links...
The problem I seem to be having is often this script fails to execute and the user is not directed to appropriate stylesheet. This can be simulated by visiting the page and hitting refresh... When the error occurs and I directly visit the PHP script I am simply provided with the code snippet. When the script is working and I do the same I am directed straight to the appropriate CSS file as expected.
Why could this be? Is this a server side problem or is there something wrong with my implementation?
<?php
// MOBILE
$blackberry = strpos($_SERVER['HTTP_USER_AGENT'],"BB10");
$blackberry2 = strpos($_SERVER['HTTP_USER_AGENT'],"BlackBerry");
$iphone = strpos($_SERVER['HTTP_USER_AGENT'],"iPhone");
$ipad = strpos($_SERVER['HTTP_USER_AGENT'],"iPad");
$chrome = strpos($_SERVER['HTTP_USER_AGENT'],"Chrome");
$safari = strpos($_SERVER['HTTP_USER_AGENT'],"Safari");
// REDIRECTS
// MOBILE
if ($blackberry == true)
{
header('Location: style.css');
}
else if ($blackberry2 == true)
{
header('Location: bb7.css');
}
else if ($iphone == true)
{
header('Location: style.css');
}
else if ($ipad == true)
{
header('Location: ipad.css');
}
else if ($chrome == true)
{
header('Location: style.css');
}
else if ($safari == true)
{
header('Location: style.css');
}
?>
HTML Code...
<!--Dynamic CSS Scripts-->
<link rel="stylesheet" href="css.php">
<!--END-->
Thanks!

Related

Prevent User from accessing admin.php

I'm having a problem preventing regular users from accessing my admin.php page.
I've set in the database it so that users have a type (it's a boolean so either 0 = admin or 1 = normal user)
At the top of my admin.php page I have
<?php
// Initialize the session
session_start();
// Check if the user is logged in, if not then redirect him to login page
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] !== true){
header("location: login.php");
}
elseif(!isset($_SESSION['type']) && $_SESSION['type'] !== 0) {
header('Location: profile.php');
exit;
}
?>
I originally had the last piece of code as:
elseif(!isset($_SESSION['type']) || $_SESSION['type'] !== 0) {
header('Location: profile.php');
exit;
but this would prevent all users, both admin or normal, from accessing the admin page. I'm not sure how to proceed.
Edit: I'm a novice at PHP and still a student so I'm not 100% familiar with PHP.

Correct code is:
// Check if the user is logged in
if(!isset($_SESSION["loggedin"]) || $_SESSION["loggedin"] == true){ // if login
if(!isset($_SESSION['type']) && $_SESSION['type'] == 0){ //if admin (type == 0)
header('Location: profile.php');
}
else{ //if not admin (type !== 0)
header('send somewhere else');
}
}
else { // else not login
header('Location: login.php');
exit;
}

Since you're a novice at PHP, what I'm going to recommend is not an answer to fix your code (I don't see any obvious problem with it), but instead how to set up your development environment so that you can easily see what the problem is yourself.
There are two main options:
1.) (Best option) Setup Xdebug and an IDE so that you can debug your code in real time, line by line
2.) Use echo to output information to the page
Option #1
This is the best option, and I highly recommend you learn how to debug PHP line by line, as soon as you can. Xdebug is the most popular debugger for PHP; you'll need to set that up and install it. Then you'll need an IDE that supports debugging. I recommend PHPStorm if you have the funds, or Sublime Text if you need a free option.
Option #2
Instead of having your code redirect, have it output information, like this:
$loggedIn = isset($_SESSION["loggedin"]);
echo $loggedIn;
$type = $_SESSION['type'];
echo $type;
This is kind of the "poor mans" debugging. It allows you to see printed to the page, what the values of variable are. Once you know what the values are, you'll easily be able to figure out why your code isn't working. You can even then do things like this:
elseif(!isset($_SESSION['type']) && $_SESSION['type'] !== 0) {
echo "this will take you to profile.php";
}

Infinite redirect loop from PHP code in Wordpress

I have a PHP script which I will post below. It is a voting website, and my client only wants one user to be able to vote once based on their cookies and IP address.
After voting once, if the cookie or IP is detected as the same they are redirected to a fake voting pg which allows multiple votes. The browser loops between both the legal and duplicate vote pages.
Here is the code, I only added in the exit and die functions after getting this error and seeing online that might be the cause - however adding those functions made no difference.
$q = mysql_query("SELECT * FROM votelog");
while($row = mysql_fetch_array($q))
{
if(($ip = $_SERVER['REMOTE_ADDR']) == $row['ip'])
{
$duplicateIP = true;
}//end if
if(($row['pollid'] == 8))
{
$duplicatePoll = true;
}//end if
}//end while
//check cookies
if(isset($_COOKIE['poll']))
{
$cookieCheck = true;
}//end if
if((($duplicateIP == true) && ($duplicatePoll == true)) or ($cookieCheck == true))
{
show this pg
}//end if
else
{
echo '<meta http-equiv="refresh" content="0; url=/polls/legit" />'; //redirect to legal pg
exit();
die();
}//end else
Any ideas? The other page is the same except that the if and else are switched, like this:
if((($duplicateIP == true) && ($duplicatePoll == true)) or ($cookieCheck == true))
{
echo '<meta http-equiv="refresh" content="0; url=/polls/dupe" />'; //redirect to duplicate
exit();
die();
}//end if
else
{
show this pg
}//end else
P.S - I'm operating in a Wordpress environment

It is hard to guess whats going on there. But if your code is fine, i would expect that you have an caching issue.
Setting the headers (header()) correct, would help to solve that issue. But be carefull, you can make it more worse with setting wrong headers.
So an easy workaround could be to add an ?time() to your url. So the redirected URL would change each second.
echo '<meta http-equiv="refresh" content="0; url=/polls/dupe?'.time().'" />'; //redirect to duplicate
Just a side note:
exit();
die(); // this will never reached, as exit() and die() is the same
About exit() and die()

Redirect loop in full site to mobile site using session

I have a full site that has been in OS-commerce and mobile site is in core PHP (codeignitor), and full version and a mobile version on sub-domain.
e.g full site: www.example.com and mobile site domain is m.example.com. when user open full site domain in mobile, then website redirect proper mobile domain, But if mobile user want to view full site then user can view fullsite in mobile.
I have used this to complete the redirect http://code.google.com/p/php-mobile-detect/, But it is not redirecting to the full site or to the mobile site using session. I know that I have to use PHP SESSIONS and REQUEST in order to get this to work but I am not sure how to use them in this instance, so could you please suggest how to solve this redirecting issue using session?
Here my code is:
session_start();
include('includes/Mobile_Detect.php');
$detect = new Mobile_Detect;
if(isset($_REQUEST['fullsite']) && $_REQUEST['fullsite'] == 'yes')
{//check if fullsite view request from mobile or website?
$_SESSION['fullsite']="yes";
if($detect->isMobile()) {
$_SESSION['website']="mobile";
}
else{
$_SESSION['website']="computer";
}
$deviceType = header('Location: https://www.example.com/');
}
else
{
if($_SESSION['website'] =="mobile" && $_SESSION['fullsite'] !="yes")
{
if($detect->isTablet())
{
$deviceType = 'tablet';
}
else
{
$deviceType = 'phone';
}
$deviceType = header('Location: https://m.example.com/');
}
elseif($_SESSION['website'] =="computer" && $_SESSION['fullsite'] =="yes")
{
$deviceType = 'computer';
$deviceType = header('Location: https://www.example.com/');
}
else{
$deviceType = 'computer';
}
$scriptVersion = $detect->getScriptVersion();
session_destroy();
}

From what I could get from github page you should be able to make it work like this:
index.php
session_start();
if ($_GET['fullscreen'] == 'yes') {
$_SESSION['fullscreen'] = 1;
} else if ($_GET['fullscreen'] == 'no') {
$_SESSION['fullscreen'] = 0;
}
if (false == isset($_SESSION['fullscreen']) && ($_SESSION['fullscreen'] == 0)) {
// If session['fullscreen'] has not been set (maybe first visit
// or the user does not what in fullscree
// check the device and do redirect
require_once 'Mobile_Detect.php';
$detect = new Mobile_Detect();
// Any mobile device (phones or tablets).
if ( $detect->isMobile() ) {
}
...
}
// Other code here
When visiting from mobile, if the user wants the full version, provide an anchor to url with GET parameter fullscreen=yes (http://example.com?fullscreen=yes)
If on full site and detect mobile (not included in code above), you could provide a link to mobile version with fullscreen=no

Launch redirect url in rel window?

i'm trying to put a piece of code into my login script. If the users account is a particular type i want it to redirect to another url.
This bit i know how to do. but i want the url window to open in a pretty photo box which i have on my site. It's a kind of css box iframe window. I have the majority of my links opening in them by using this code:
Link
But when i try and do that for my redirect function it won't work. Can anyone let me know why this would be, i am typing the code like this:
function redirect_to( $location = NULL ) {
if ($location != NULL) {
header("Location: {$location}");
exit;
}
}
<?php
$account_type = account_type();
while ($acctype = mysql_fetch_array($account_type))
if ($acctype['account_type'] == 'free_member') {
redirect_to("chatboard.php?iframe=true&height=260\" rel=\"prettyPhoto[1]\"");
}
?>

Ok so a couple things and I am not sure how you have it setup, but this is how it should be
<?php
function redirect_to( $location = NULL ) {
if ($location != NULL) {
header("Location: {$location}");
exit;
}
}
$account_type = account_type();
while ($acctype = mysql_fetch_array($account_type)){
if ($acctype['account_type'] == 'free_member') {
redirect_to('chatboard.php?iframe=true&height=260&rel=' . $prettyPhoto[1]);
}
}
?>
And on your chatboard.php check for the proper variables making sure they are cleaned from possible attacks as well.

"VIEW FULL SITE" mobile site option

So I'm working on the mobile version of a site I'm doing, and
so far, I'm pulling the mobile sites content from its main counterpart, the main site.
As I study some mobile sites out there, I notice a lot of em have a "view full site" link.
Now I plan on redirecting the mobile visitors via .js in the header tag on main site via a check for screen width etc...(not sure if its the best way but so far the easiest on my brain))(but suggestions also welcome)
but something like this
if (screen.width<=XyZ||screen.height<=XyZ) //example iphone size lets say 320x480
window.location.replace("mobile site link here.")
Again I dont know if this is the best way but, on dummy tests, it works on iPhone, some friends Droids, and one Blackberry. But it works.
Anyways, so my question is, if i do this check on every page...how can I possible have a "view full site" option?

Use PHP to detect mobile users through $_SERVER['HTTP_USER_AGENT'].
JavaScript detection may not be reliable, because many mobile browsers do not support JS.
A "View Full Site" will set a cookie to reject mobile site, which is detectable.
Use cookies to keep track of your user's preferences.
In skeleton
<?php
if (isset($_COOKIE['nomobile'])) {
$style = "normal";
} else {
if (preg_match('/iPhone|(...etc...)/', $_SERVER['HTTP_USER_AGENT'])) {
$style = "mobile";
} else {
$style = "normal";
}
}
For the "View Full Site" page:
Full Site
fullsite.php
<?php
setcookie('nomobile', 'true');
header('Location: index.php');
?>

First, go to the following URL and download the mobile_detect.php file:
http://code.google.com/p/php-mobile-detect/
Next, follow the instructions on the page, and upload the mobile_detect.php to your root directory,
Insert the following code on your index or home page:
<?php
#include("Mobile_Detect.php");
$detect = new Mobile_Detect();
if ($detect->isMobile() && isset($_COOKIE['mobile']))
{
$detect = "false";
}
elseif ($detect->isMobile())
{
header("Location:http://www.yourmobiledirectory.com");
}
?>
You will notice that the above code is checking for a cookie called "mobile", this cookie is set when the mobile device is redirected to the mobile page. To set the cookie insert the following code on your mobile landing page:
<?php
setcookie("mobile","m", time()+3600, "/");
?>
View the full article at: http://www.squidoo.com/php-mobile-redirect

It's not a best way, because very often JS aren't supported by mobile browsers.
You can use this function:
function its_mobile_browser($user_agent = '')
{
if (empty($user_agent))
{
$user_agent = $_SERVER['HTTP_USER_AGENT'];
if (empty($user_agent)) return false;
}
if (stripos($user_agent, 'Explorer')!==false ||
stripos($user_agent, 'Windows')!==false ||
stripos($user_agent, 'Win NT')!==false ||
stripos($user_agent, 'FireFox')!==false ||
stripos($user_agent, 'linux')!==false ||
stripos($user_agent, 'unix')!==false ||
stripos($user_agent, 'Macintosh')!==false
)
{
if (!(stripos($user_agent, 'Opera Mini')!==false
|| stripos($user_agent, 'WAP')!==false
|| stripos($user_agent, 'Mobile')!==false
|| stripos($user_agent, 'Symbian')!==false
|| stripos($user_agent, 'NetFront')!==false
|| stripos($user_agent, ' PPC')!==false
|| stripos($user_agent, 'iPhone')!==false
|| stripos($user_agent, 'Android')!==false
|| stripos($user_agent, 'Nokia')!==false
|| stripos($user_agent, 'Samsung')!==false
|| stripos($user_agent, 'SonyEricsson')!==false
|| stripos($user_agent, 'LG')!==false
|| stripos($user_agent, 'Obigo')!==false
|| stripos($user_agent, 'SEC-SGHX')!==false
|| stripos($user_agent, 'Fly')!==false
|| stripos($user_agent, 'MOT-')!==false
|| stripos($user_agent, 'Motorola')!==false
)
) return false;
}
return true;
}
Or something better, lol :)

You can add a query string parameter to your website address such as ?fullsite=true and include the following in your if condition >
var fullsite = getQueryString()["fullsite"];
if (fullsite != "true" && (screen.height <= xyz || screen.width <= abc)) //now redirect
You'll need the following function access query string. I took it from here > JavaScript query string
function getQueryString() {
var result = {}, queryString = location.search.substring(1),
re = /([^&=]+)=([^&]*)/g, m;
while (m = re.exec(queryString)) {
result[decodeURIComponent(m[1])] = decodeURIComponent(m[2]);
}
return result;
}
And in the link you can have >
Show me Full Site
===========
Saying that please take a look at CSS Media Queries. It may require changing a bit of your design architecture but it's pretty useful.

Server-side detection is definitely the way to do this, as you have no guarantee of JS being available or even turned on. A great PHP script for mobile detection is found here http://detectmobilebrowsers.mobi/ and it gets a lot of use around the web.

Categories