Prevent User from entering values into URL - php

I have a PHP website based on CodeIgniter. It uses Model View Controller and has articles. Each article has an id and is displayed by the Articles controller. Once an article is displayed the URL looks like http://localhost/ci/articles/show_article/245. Now the problem is anyone can enter a number like 246, 123, 222 and view the articles at random. I am not comfortable with this. I want readers to go the way things are organized in the site and want to stop them from directly accessing the articles from the URL.
How can this be achieved in PHP / CodeIgniter?

This cannot be done. You cannot control what a user types into the web browser.

You can't control the user outside the browser area, and if you could, you should not.
Alternatively, you could use encoded article IDs by your own pattern to make them unpredictable. When these encoded article IDs are received, decode them back and show the articles accordingly.
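
One way to build the "encoded article ids" suggested in the answer above is to append a keyed HMAC tag to the id, so a token cannot be produced by counting up. This is an added example, not code from the original answers; TOKEN_KEY, article_token() and article_id_from_token() are assumed names, and the key shown is a constructed placeholder.

```php
<?php
// Added example: opaque, tamper-evident article tokens for URLs.
// TOKEN_KEY and both function names are assumptions, not CodeIgniter APIs.
const TOKEN_KEY = 'constructed-demo-key-load-a-random-secret-from-config';

// Token = base64url( 4-byte big-endian id || first 8 bytes of HMAC-SHA256(id) ).
function article_token(int $id): string
{
    $raw = pack('N', $id);
    $tag = substr(hash_hmac('sha256', $raw, TOKEN_KEY, true), 0, 8);
    // 12 bytes always encode to 16 characters, so there is no '=' padding to strip.
    return strtr(base64_encode($raw . $tag), '+/', '-_');
}

// Returns the article id, or null when the token is malformed or was not made with our key.
function article_id_from_token(string $token): ?int
{
    $bin = base64_decode(strtr($token, '-_', '+/'), true);
    if ($bin === false || strlen($bin) !== 12) {
        return null;
    }
    $raw = substr($bin, 0, 4);
    $expected = substr(hash_hmac('sha256', $raw, TOKEN_KEY, true), 0, 8);
    if (!hash_equals($expected, substr($bin, 4))) { // constant-time comparison
        return null;
    }
    return unpack('N', $raw)[1];
}

// Constructed demo: links carry the token instead of the raw id 245.
$token = article_token(245);
echo "/ci/articles/show_article/{$token}\n";
var_dump(article_id_from_token($token));   // round-trips to the original id
var_dump(article_id_from_token('246'));    // a typed-in number fails the length and tag checks
```

In the controller, a null result would be answered with CodeIgniter's show_404(). The token only makes ids unguessable; anyone who holds a link can still open that article.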

It's impossible to do this, and there's also no reason that you should be uncomfortable with it. You can't prevent client-side requests. I think anyone trying to use your site properly (assuming it is set up properly) won't try to go through articles out of order.
If you absolutely must, what you can do is something like set a _SESSION flag for what articles they have visited and if they try to get to one out of order, redirect them.

Related

how to redirect all subsite urls to one single url in a multi-site and also send a variable/value to this sub-site

I have a specific requirement and am looking for suggestions on the best possible way to achieve that. I would start by apologizing if I sound too naïve. What I am trying to achieve in here is:
A) I have a parent site, say, www.abc.com.
B) I am planning to enable the multisite option for it. This parent site has an area map with a number of location images overlaid. All of these images, when clicked, should lead to a subsite.
C) This subsite (has already been coded) is totally dynamic and every single information being displayed on it is being extracted from the database. It uses a session variable, which for now has been hard-coded at the very beginning of the header. This variable also decides on which database to refer to. So it will display information for different locations, based on the location selected on the parent site. Even the URL should appear per that. Say if Location ‘A’ was clicked on parent-site then the session variable needs to set to ‘LocA’ on the sub-site and the URL should be something like www.abc.com/LocA and if the Location ‘B’ was clicked then the session variable should be set to ‘LocB’ and the URL should appear as www.abc.com/LocB etc.. Trying to figure out how to achieve this. [It will have one front-end for all the locations but different databases for each location.]
I am an entrepreneur with some programming experience from my past (but none related to website designing). Because of the help from all you geniuses and the code samples lying around, I was able to code the parent site and the sub-site (using html, php, js, css ). Now the trouble is how to put it all together and make it work in correlation. Though it will still be a week or two before I get to try it but I am trying to gather insights so that I am ready by the time I reach there. Any help will be deeply appreciated.
I think the fundamental thing to understand before you get deeper is what a URL is. A URL is not part of the content that you display to the user; nor is it the name of a file on your server. A URL is the identifier the user sends your server, which your server can use to decide what content to serve. The existence of "sub-sites", and "databases", and even "files" is completely invisible to the end user, and you can arrange them however you like; you just need to tell the server how to respond to different URLs.
While it is possible to have the same URL serve different content to different users, based on cookies or other means of identifying a user, having entire sites "hidden" behind such conditions is generally a bad idea: it means users can't bookmark that content, or share it with others; and it probably means it won't show up in search results, which need a URL to link to.
When you don't want to map URLs directly to files and folders, the common approach involves two things:
Rewrite rules, which essentially say "when the user requests URL x, pretend they requested URL y instead".
Server-side code that acts as a "front controller", looking at the (rewritten) URL that was requested, and deciding what content to serve.
As a simple example:
The user requests /abc/holidays/spain
An Apache server is configured with RewriteRule /(...)/holidays/(.*) /show-holidays.php?site=$1&destination=$2 so expands it to /show-holidays.php?site=abc&destination=spain
The show-holidays.php script looks at the parameter $_GET['site'] and loads the configuration for sub-site "abc"
It then looks at $_GET['destination'] and loads the appropriate content
The output of the PHP script is sent back to the user
If the user requests /def/holidays/portugal, they will get different content, but the same PHP script will generate it
Both the rewrite rules and the server-side script can be as simple or as complex as you like - some sites have a single PHP script which accepts all responses, looks at the real URL that was requested, and decides what to do; others have a long list of mappings from URLs to specific PHP scripts.
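
The front-controller step from the answer above, written as an added example (not code from the original answer): the script accepts only sub-sites it knows before choosing a database, and treats the destination as a plain lookup key. SITES, its DSN strings and resolve_request() are constructed for illustration.

```php
<?php
// Added example of the show-holidays.php front controller described above.
// SITES, its DSNs and resolve_request() are constructed for illustration.
const SITES = [
    'abc' => ['dsn' => 'mysql:host=localhost;dbname=holidays_abc'],
    'def' => ['dsn' => 'mysql:host=localhost;dbname=holidays_def'],
];

// Maps the rewritten query string to a known sub-site config, or null for "404".
function resolve_request(array $query): ?array
{
    $site = $query['site'] ?? null;
    $dest = $query['destination'] ?? null;
    // ?site[]=x arrives as an array, so check types before using the values.
    if (!is_string($site) || !is_string($dest)) {
        return null;
    }
    // Only sub-sites listed in SITES can select a database.
    if (!array_key_exists($site, SITES)) {
        return null;
    }
    // The destination is a lookup key, never a file path or SQL fragment.
    if (preg_match('/\A[a-z0-9-]{1,64}\z/', $dest) !== 1) {
        return null;
    }
    return ['site' => $site, 'dsn' => SITES[$site]['dsn'], 'destination' => $dest];
}

// Constructed requests, as they would arrive in $_GET after the RewriteRule.
$samples = [
    ['site' => 'abc', 'destination' => 'spain'],
    ['site' => 'def', 'destination' => 'portugal'],
    ['site' => 'xyz', 'destination' => 'spain'],      // unknown sub-site
    ['site' => 'abc', 'destination' => '../config'],  // not a valid destination key
    ['site' => ['abc'], 'destination' => 'spain'],    // array instead of string
];
foreach ($samples as $q) {
    $route = resolve_request($q);
    echo json_encode($q), ' => ', $route === null ? '404' : json_encode($route), "\n";
}
```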

iframed webpage - get data from the containing page

I've been asked to look into building a widget for a website that looks at the content of the page its on and then displays relevant search results. My approach would be to use either the meta keywords or to do a count of words used within the document and use the highest occurring ones. Before I can do any of that though, I need to be able to get at the content of the containing page from the iframed page; is this at all possible? From what I can see it is not and I can only get the document referrer (where there might be useful information in the url I suppose).
Anyone know if this is at all possible?
As stated in my comment on the OP, due to XSS (cross site scripting) restrictions browsers will block any attempt to do anything (whether reading or writing) between sites on different domains.
So the answer is no, you will not be able to do what you've been asked by your clients.
The most you would be able to get is referral information, or (as you say) any information provided via the query string that the host site is willing to provide.

How to handle current language? Always in URL, or session?

I'm planning to add a language feature to my site. I can see two ways:
storing the language in the URL, so always www.mysite.com/en/introduce, www.mysite.com/en/home, or if the 1st parameter is missing, just use the default. It's good for bookmarks, but very hard to implement for all available links
storing it in the session. Much easier, but users may get confused not seeing the language in the URL.
I would say: session. What would you say? Any experiences?
If you want all your pages to be indexed by search engines, you'll have to put the language parameter in the URL.
If you're producing something more like Facebook, where a user needs to be logged in to receive content in his personalized language, use sessions.
I would use the first method together with a URL rewrite engine.
For example, when using RewriteEngine for Apache you could add this line to your .htaccess:
RewriteRule ^([a-zA-Z][a-zA-Z])/([a-zA-Z]*)$ content.php?culture=$1&content=$2
and even this can work:
RewriteRule ^([a-zA-Z][a-zA-Z])/([a-zA-Z]*)$ $2.php?culture=$1
You want to put your language as part of the url, otherwise google won't be able to index it for different countries. Also, they might think you have two types of content on the same page.
I would store it in session if there's only some parts of content changing as it's easier to implement if you're just changing i.e. contact details for the company based on what country the user is coming from. But as a general rule, give it a separate url either using .htaccess or your routing system.
Regular users don't look at the URL and change the parameters from there. Normal users are point and click. Keep the language selection somewhere visible on the page and also in the user settings. This is not something that a user will want to change several times during a visit. We are talking about a setting that you can ask and set on the first visit. Currently I hate the way Google does it using my IP, assuming (wrongly) that if I am entering from Norway I definitely speak Norwegian and I can handle finding the English version in Norwegian menus. I do like the way Etsy.com is doing it: they ask you on the first visit what your preferred language, currency and so on are. If you accept them, good, but you can change them right there without having to navigate to a menu. In my opinion go for cookies or session instead of polluting the URL.

How to load different content based upon URL used to visit site in CodeIgniter

I'm sure I'm not the first person who has thought about this but I haven't had any luck forming that proper search query in google to find the info. Here's what I'm wanting to do:
I have a CodeIgniter based site. I'm going to store basic content in tables in the db. I'm thinking that I would have the domain names stored in a table too and use the unique id of the table row as the method of querying the appropriate content from the db for the rest of the views. For example, MyDomain.com is #1 in the row followed by YourDomain.com. If the visitor arrived at the site by typing YourDomain.com then somehow CI would "see" that and then query the content for that domain from the db.
Does this make sense? Has anyone else tried it? Is it possible?
Haven't done it myself, but I did some searching for "codeigniter multi site" and found some useful links, this being one of them that seemed to step you through the process.
In general there is an HTTP_HOST header (or similar header) that identifies the host in the user's request. You can look that header up and then use that to index into your database to extract the right content.

Concept & Algorithm: How to record only single URL for widget?

I have created a widget for my web application. Users get the code and just paste it into their website, and my widget works on their website, something like Twitter, Digg and other social widgets.
My widget is on the basis of a post: for a single post (say postid: 234) I am providing a single widget, so anyone can embed the widget on their website.
Now I want to know where my widget is posted and for which post. For that I have recorded the URL of the site when my widget starts (onload), but the problem arises when someone places the widget in their blog's or website's common sidebar. I am recording the URL each time, and hence if it's in the sidebar of a blog then it's recording the URL for every post, which is creating duplicates.
Can anyone help on this? How should I go about it so that I have only one single record for a widget on a site?
I think doing something like this is a bit tricky. Here are some ideas that pop to mind:
You could for example ask the user to input their site's URL when they get the widget, or the widget could track the domain or subdomain, thus giving less URLs.
Just tracking the domain would obviously be problematic if the actual site is domain.com/sitename/, and there could be more than one site under the domain. In that case, you could attempt to detect the highest common directory. Something like this:
You have multiple URLs like this: domain.com/site/page1, domain.com/site/page2, and so on. Here the highest common directory would be domain.com/site.
I don't think that will always work correctly or provide completely accurate results. For accuracy, I think the best is to just ask the user for the URL when they download the code for the widget.
Edit: new idea - Just generate a unique ID for each user. This could be accomplished by simply taking the current timestamp or something, and hiding it into the code snippet the user is supposed to copy. This way you can track the ID itself and any URLs and domains it appears in can be grouped under it.
If you have an ID which doesn't get a hit in, say, a week or something, you could remove it from your database, and that way avoid filling it up with unused IDs.
I agree with Jani regarding a unique id. When you dish out the script you'll then be able to always relate back to that id. You are still going to have duplicates if the user uses the same id over and over, but at least you'll have a way of differentiating one user from another. Another useful advantage is that you are now able to, as Jani said, group by the ID and get a cumulative number for all of the instances where that user used the script & id.
