Well, I'm trying to get an iframe from a URL of this sort: http://mydomain.com/frame.php?q=http://someotherdomain.com
For some reason I am getting a server error with this code and cannot figure out why. Does anyone see something wrong?
Thanks!
<?php
$q = $_GET('q');
function getTitle($Url){
$str = file_get_contents($Url);
if(strlen($str)>0){
preg_match("/\<title\>(.*)\<\/title\>/",$str,$title);
return $title[1];
}
};
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php echo getTitle($q) ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<?php echo "<iframe src='".$q."' style='width:100%;height:100%;border:0;'></iframe>" ?>
</body>
</html>
Well, for starters, this
$q = $_GET('q');
should be
$q = $_GET['q'];
PLEASE NOTE
This method you are using is highly insecure. Consider a malicious person making the following request.
http://mydomain.com/frame.php?q=..%2F..%2F..%2F..%2Fetc%2Fapache2%2Fhttpd.conf
By providing different values of q, the attacker can potentially read any file readable by the webserver's user.
Try this:
<?php
$URL = parse_url($_SERVER['REQUEST_URI'];
/* make sure the title is the first parameter and only param passed, otherwise include a ltrim to get rid of everything starting with & */
$q = rtrim('=', $URL['query']);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title><?php=$q?></title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body style="margin: 0;">
<?php='<iframe src="' . $whateverURL . '" style="width: 100%; height: 100%; border: 0px;" />'?>
</body>
</html>
take a look at your apache log error
it is usually at:
tail -f /var/log/apache2/error.log
Related
I am trying to print / echo utm_source, utm_medium and utm_campaign query values using this PHP code;
echo $_GET['utm_source'];
But strangely for some unknown reason on my server its not printing the values, when I replace utm_source to something else like test_source I am able to see the value in print.
Never faced any such issue, can anyone guide me here.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<?php echo $_GET['utm_source']; ?>
</body>
</html>
If your site is using WPengine, you will not be able to get the utm variables (and any additional variables after the utm's) out of the URL using PHP. Some web hosts specifically target and remove these utm parameters from server requests for performance reasons. Tricky part is, utm variables are still going remain in the URL which means that you can retrieve them using Javascript instead if you need to.
Source: WPengine article
https://wpengine.com/support/utm-gclid-variables-caching/
Your original question quoted this code
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<?php $_GET['utm_source']; ?>
</body>
</html>
If you add an echo to this statement it will work
<?php echo $_GET['utm_source']; ?>
when tested using
test.com/test.php?utm_source=1
A safer piece of PHP code would be
<?php
if ( isset($_GET['utm_source']) ) {
echo $_GET['utm_source'];
} else {
echo 'the parameter utm_source is missing';
}
?>
I know it's late. but maybe this answer helps another developer.
// get the value of outlink, source, campaign, medium, content
let url = new URL(window.location.href);
let outlink = url.searchParams.get('outlink'),
utmSource = url.searchParams.get('utm_source'),
utmCampaign = url.searchParams.get('utm_campaign'),
utmMedium = url.searchParams.get('utm_medium'),
utmContent = url.searchParams.get('utm_content');
console.table( { outlink , utmSource, utmCampaign,
utmMedium,utmContent});
i have try this code
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org /TR/xhtml1/DTD/xhtml1-transitional.dtd">
<?php phpinfo(); die; ?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>TRY IT</title>
</head>
<body>
<?php
echo "test";
?>
</body>
</html>
It is very simple echo syntax in php. Output that should i got is string "test" on my screen. but output that i got just a blank page.
For your information php version that installed on my computer is version 5.3.8
anyone know what happen?
Remove the die on the second line.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org /TR/xhtml1/DTD/xhtml1-transitional.dtd">
<?php phpinfo(); die; ?>
^^^^ Remove this
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>TRY IT</title>
</head>
<body>
<?php
echo "test";
?>
</body>
</html>
it produces output when it is saved as filename.html
but when i try to change it to filename.php
then open the link in the brown using filename.php
it doesnt produce output anymore
NOTE: i removed some of the code too long
<?php
echo"
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<script>
print code requirement
function printpage()
{
window.print();
}
</script>
print code requirement
<meta name="keywords" content="" />
<meta name="description" content="" />
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>WildFlowers by FCT</title>
<link href='http://fonts.googleapis.com/css?family=Oswald:400,300' rel='stylesheet' type='text/css'>
<link href='http://fonts.googleapis.com/css?family=Abel' rel='stylesheet' type='text/css'>
<link href="style.css" rel="stylesheet" type="text/css" media="screen" />
<style type="text/css">
#wrapper #header-wrapper #header h1 a strong {
font-family: Georgia, "Times New Roman", Times, serif;
size: '100';
font-size: 40px;
</body>
</html>
";
?>
You have to remove <?php and ?>. Between these two tags there must be php-code and no html.
Edit: Maybe no errors are reported, because your server is configured to suppress errors.
Put some space after the echo..And use single quote['] insted of double.And change all single quotes from your code to double quote.(")
eg: -
<?php echo '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head></head>
<body> Bla bla bla
</body>
</html>';
?>
The problem in your code is, you just started the codes with double quote.So the PHP server consider the next double quote is the closing of the echo statement.So there is nothing to print inside the first two double quote.But if you take the page source, you can see
<!DOCTYPE html PUBLIC
This is because you open PHP tag at the beginning of file:
<?php
Close it before your HTML markup:
<?php
// your php code
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
You can not have html in your php tags, if you want to use html you have to end the close your php first so something like this:
<?php
// php code here
?>
html code here
<?php
// php here
?>
If You need to write html inside php code use the echo statement.
ex:
<?php echo"
<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Strict//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head></head>
<body>
//your code here
</body>
</html>";
?>
Why I am not able to end a javascript inside a PHP heredoc?
The rest of the code below this line:
</script>
become not part of PHP's code. They become HTML code.
It is like the end script code ends the PHP block.
$headerContent = <<<HEAD
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<title>$title</title>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-2" />
<script>
</script> // Here is the problem
</head> // code here and below becomes not part of PHP.
<body>
.
.
.
HEAD;
Any tips for solving this problem?
Although I can't reproduce this with HEREDOC (it's possible that different versions of PHP behave differently in this respect), </script> is equivalent to ?> in PHP code, because it's a counterpart to <script language="php">. Example:
<script language="php"> $a = 1; </script>
Test: <?= $a ?>
So wherever you encounter problems with the ?> closing tag, you'll also encounter the same problems with the </script> closing tag. One option would be to store this in a variable and use it. Example:
<?php
$endScript = '</' . 'script>';
$headerContent = <<<HEAD
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US" lang="en-US">
<head>
<title>$title</title>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-2" />
<script>
$endScript
</head>
<body>
.
.
.
HEAD;
I currently have a very simple page that redirects to another URL. However for some reason, I cannot get this to work.
I'm sure there is a very simple solution to this problem and any help to make me understand exactly what's going on would be appreciated.
Here is my page:
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Test - Youtube</title>
</head>
<body>
<?php
ob_start();
header('Location: vnd.youtube:xjTEqVQVsQs');
ob_end_flush();
?>
</body>
</html>
Thanks
You are having some Outputs on your page before sending header and that's why you can not redirect, you should use output buffering like this:
<?php
ob_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Test - Youtube</title>
</head>
<body>
<?php
header('Location: vnd.youtube:xjTEqVQVsQs');
die();
?>
</body>
</html>
<?php
ob_end_flush();
?>
<?php
ob_start();
header('Location: vnd.youtube:xjTEqVQVsQs');
ob_end_flush();
?>
remove all the html except above php code if it's only a redirect page.
This is how the code should look like:
<?php
ob_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Test - Youtube</title>
</head>
<body>
<?php
header('Location: vnd.youtube:xjTEqVQVsQs'); // Are you sure that's the right
address?
?>
</body>
</html>
<?php
ob_end_flush();
?>
Anyway, the page is redirecting to another page, why do you need the html tags?
You should remove all the page content except PHP script:
<?php
ob_start();
header('Location: vnd.youtube:xjTEqVQVsQs');
ob_end_flush();
?>
Or
put your PHP script on top of the page:
<?php
ob_start();
header('Location: vnd.youtube:xjTEqVQVsQs');
ob_end_flush();
?>
Make sure there is no empty space before php tag above.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Test - Youtube</title>
</head>
<body>
</body>
</html>
As redirect sends headers to the browser it MUST be sent before any output.
You can use the method below to redirect using a different method depending on whether the headers have been sent:
<?php
function redirect($filename) {
if ( ! headers_sent())
header('Location: '.$filename);
exit; // just a good practice to EXIT after redirecting
else {
echo '<script type="text/javascript">';
echo 'window.location.href="'.$filename.'";';
echo '</script>';
echo '<noscript>';
echo '<meta http-equiv="refresh" content="0;url='.$filename.'" />';
echo '</noscript>';
}
}
redirect('http://www.google.com');
?>
This will fallback to using javascript if the headers have already been sent.
If you want to use the header() method it must be at the top of your code before any other output (including whitespace).