I am trying to figure out how to allow PHP index only if it matches the URL I put in, something like this:
Example if you put in URL site.com/myfile.php I want to show message like 404 Error or something
But if you put site.com/myfile.php?=123 to show the page content.
I think it might be considered bad practice to send someone to a 404 when the page that they are accessing does actually exist, it's only a variable that they are missing.
Firstly, I'd expect to see something like
site.com/myfile.php?variablename=123
instead.
If you absolutely wanted to, you could at the top of your file then add a:
if(!isset($_GET['variablename']){
header('location:404.php');
}
Where 404.php is your 404 file that you'd like the user to see.
Hope that helps?
You could run a conditional looking for the request info, i would make it specific like using a ?page_id=123
<?php
if ( $_REQUEST AND isset($_REQUEST['page_id']) )
{
// SHOW PAGE CONTENT
}
else
{
// RETURN 404
}
?>
You would have to test the $_GET parameters.
if (!$_GET) {
echo "404 Error"; //or redirect using header();
} elseif ($_GET['key'] == 'value') {
//code here
}
I see you are using ?=123, I'm not 100% on if that will work, but it's easier (IMO) to have a key=>value association in the URL.
This should be enough for what you need. If there are other requirements let us know.
if(!isset($_GET)){
//do whatever you want to validate the get input provided.
} else {
header("HTTP/1.0 404 Not Found");
}
Well first of all this ?=123 might be an issue because when ?=123 is passed then it should be stored somewhere, it could be like this ?uid=123 and then you retrieve it in a variable through the get method and then check its value and accordingly redirect the user.
You can do something like this
if(isset($_GET['uid']))
{
refresh(to whatever location you want);
}
else
refresh(to some other location);
but if you want the error 404 something then its not possible according to me, because the values will be sent to a page that exists and if the page exists then the server cannot give a "not found" error.
By simply comparing a string.
if (#$_GET['secret'] != 'mysecret'){
header('location: noaccess.php'); //redirect the user to access denied page.
die(); // terminate the script. A
}
// The rest of the page
Or to keep everything in one file:
if ((isset($_GET['secret'])) && ($_GET['secret'] == 'mysecret')){
// Show the page
} else {
// Show an error message
}
site.com/myfile.php?secret=mysecret
Related
Very strange problem and I'm scratching my head. If anyone can help it would be much appreciated, thanks.
I have a Search Location result page that should only appear if either 1) the form on the previous page has been submitted; or 2) they are searching via a url, e.g.
www.mywebsite.com?use_url=on&zipcode=UB95BX&radius=50.
So, at the top of the page I have the following code:
// Validate input and sanitize
if (empty($_POST['submit']) || empty($_GET['use_url']))
{
header('Location: index1.php');
exit;
}
Problem is, it's not working and it's redirecting EVERY request. Does anyone know how I can get it to work, so that if there is no submit post, or if there is no get request (basically, if the user types in www.mywebsite.com/locations.php directly into the url bar), the user is redirected.
Strange thing is this, if I leave out the empty($_GET) command and make it therefore
// Validate input and sanitize
if (empty($_POST['submit']))
{
header('Location: index1.php');
exit;
}
It works fine on an empty submit, the problems only occurs when I specify two criteria for a redirect.
Thanks everyone / Luke
|| is logical OR. Currently your code reads "if either post or get are empty, redirect"
What im sure you mean is "if both post and get are empty, redirect".
You should use logical AND (&&):
if (empty($_POST['submit']) && empty($_GET['use_url']))
{
header('Location: index1.php');
exit;
}
Try this:
if (empty($_REQUEST['submit'])
or if (!isset($_REQUEST['submit'])
I am trying to make a simple redirect php plugin, and i cant get to the bottom, i would really appreciate some help.
Inside a folder i have the php script that will handle the redirect, for ex: /redirect/a.php
Scenario 1:
call /redirect/a.php?key=firstkey the redirect to http://www.url1.com
Scenario 2:
call redirect/a.php?key=secondkey then redirect to http://www.url2.com
General rule:
If a.php is called without key, or with wrong key then display Error.
Thank you!
Use global variable $_GET["key"] to get value of "?key=value", then use header() to redirect.
Note that there cannot be any output before calling header(), that applies even for whitespaces (such as space, or tab).
It could look something like this:
// checking whether the key is sent by user who visits the page
if(!isset($_GET["key]))
{
die("Key is required");
}
// checking whether the key is empty
if(empty($key)
{
die("Key shouldn't be empty");
}
if($_GET["key"] == "firstkey")
{
header("location: http://www.url1.com");
}
It would be better to use array() to list keys that should be accepted by script, you could easily look for them by using in_array().
So I have this code in PHP, and it's not working for some reason that I don't know:
if(!empty($ccle))
{
header("Location: http://google.com");
}
else
{
header("Location: http://yahoo.com");
}
What I want is: if the "ccle" field is empty, then go to google.com
Or if the "ccle" field is not empty (Where ever was the value) then go to yahoo.com
How to make it do that?
You need to switch them...
if(!empty($ccle))
{
// Go to Yahoo if $ccle is NOT empty
header("Location: http://yahoo.com");
}
else
{
// Else, go to Google
header("Location: http://google.com");
}
Just to elaborate. What your if statement is saying is...
if($ccle IS NOT empty)
The exclamation in PHP is the logical not operator.
If you'd like to redirect to Google when it's empty and Yahoo when it's not. You would then change:
if(!empty($ccle))
To:
if(empty($ccle))
if(empty($ccle)) {
header('Location: http://google.com/');
} else {
header('Location: http://yahoo.com/');
}
This should perform as you described. The only difference is I've removed the exclamation. Your original code said if ccle is ndt empty, go to google. This says if it is empty go to google.
You have to make sure this is called before anything else is output to the browser. If it's still not working post any errors or what the output actually is.
All the other answers are spot on
i'd just like to add the the ! part of !empty signifies "NOT", so what you've been typing in is essentially "if the field is NOT empty, then go to google" instead of "if the field is empty, then go to google"
also, how are you getting the variable? if you have a form similar to this:
<input name="ccl" type="text" id="ccl" />
and something similar to this for grabbing the form contents and putting it into a variable,
<?php
//making sure the forms button is pressed
if(isset($_POST["button"])){
//grabbing input and putting into a variable
$ccl = ($_POST["ccl"]);
}
?>
then the other answers provided should work
I want to check which URL someone is currently on. For example:
if(url=index.php?p=contact) {
echo the code i want to run,
}
else {
do nothing
}
So basically, I want to run a block of code when the user is on index.php?p=contact
The current requested URI path plus query is available in $_SERVER['REQUEST_URI'] and the filename of the processing script in $_SERVER['SCRIPT_FILENAME'].
If you need to check the complete path, see Gumbo's answer. If index.php is only accessible by navigating to that name directly (that is, you know if index.php is being executed the user must've gone to index.php, and you're not using something like URL rewriting), it probably makes much more sense to just check:
if($_GET['p'] == 'contact')
within index.php. If the condition is being reached, index.php is executing and clearly that's the page the user is on
This is what I did (to make it as I want with .htaccess); works for me since I do not have allot of pages to check. I used PHP_SELF:
<?php
if (htmlentities($_SERVER["PHP_SELF"]) === "/.../index.php") { // echo $_SERVER["PHP_SELF"] to see your path ..
header("Location: ./"); // I am using .htaccess, so I only want the page name and exclude ".php" in the address-bar (URL)
die();
} else if (htmlentities($_SERVER["PHP_SELF"]) === "/.../page2.php") {
header("Location: page2"); // I am using .htaccess, so I only want the page name and exclude ".php" in the address-bar (URL)
die();
}
?>
So I'm using a single entry point found in a previous question of mine: How to include config.php efficiently?
We all know what 404 errors is, so no explanation needed there. However, when using the single entry point index.php?page=pokemon, it doesn't go to the 404 page when trying to access a page that is non-existent. So how can I solve this problem which would make it more user friendly and direct the visitors to my 404 page so they won't see all the PHP errors?
You should output your own error page (you could just include() a .html file, for example), and set the HTTP status code using the header() function:
header("HTTP/1.0 404 Not Found");
Of course, you must set the header before including the error template.
I assume you do sort of an if / elseif or a switch on the variable $page to figure out which page to display, right?
If so, just add an ELSE resp. default: branch which will display a custom error note
to the user if an unexpected value is passed as $page.
HTH
If you’re actually using user187291’s code, alter it like this:
$page = "home";
if (isset($_GET['page'])) {
$page = $_GET['page'];
}
$file = "$page.php";
if (preg_match('/\W/', $file) || !is_file($file)) {
header($_SERVER['SERVER_PROTOCOL'].' 404 Not Found', true, 404);
// print error message
exit;
} else {
include $file;
}
But since you’re using header, you need to make sure that no output has been sent to the client. Otherwise the HTTP header is already sent and you cannot modify it. You can use the output control functions to buffer any output and discard it in case of an error.