i have been given a php application as an internship project to clean up. The developer before has declared stuff like dbhost,dbuser so many times. On each script page. I was wondering what sort of design php developers use to get around this. i.e making a property file ? etc..
Generally most applications have a common include file, usually named something like "bootstrap", that defines global options and values and sets up some initialisation code. Then each page that is requested includes this file first.
In your case you'd put your database configuration in this bootstrap (perhaps traditionally in /includes/bootstrap.php), then for each page where it is required require "./includes/bootstrap.php";.
As an example, phpBB includes its 'kernel bootstrapper' on each page.
In order to avoid errors you should use require_once:
require_once "./includes/bootstrap.php";
This way even if multiple scripts try to include that specific file it is only included once.
Do not make a property file, or, if you insist, be certain that it cannot be downloaded through HTTP. The advantage of a PHP file is that, even if hackers guess the file name, it won't reveal much.
Put all DB credentials into a separate .PHP file, e.g. db_settings.php and then insert everywhere
<?
...
include "db_settings.php";
... ?>
You may even insert database connection code into the same file.
Related
I'm new to Joomla, but not a new programmer. I've written several applications in PHP that I want to include inside Joomla articles. Simple enough:
<?php include 'file.php'; ?>
The issue is that inside the PHP files I have a bunch of code gathering and creating variables that I need to POST and retrieve. I can get those POST variables inside the Article, but I can't pass them back to the included PHP file.
I've even coded the included PHP files to access the Joomla framework hoping to retrieve Joomla user id for example. This won't run inside the Article either and returns empty. However, if I run the PHP file on its own outside of the Article, I can access all POST data (obviously) and also the Joomla JFactory data. So it runs fine, until it's placed as an included file inside an Article.
The only way I've been able to pass something to the included PHP file is using $_GET url variables like this:
<?php include 'file.php?data=something'; ?>
However, this simply isn't practical as I have too many variables to pass like this. Normally, included PHP files run as part of the parent script and have access to all variables. How can I accomplish this in Joomla??
Much appreciated!
It is not recommended to include php into articles. Try instead one of these approaches:
Load your code in the index.php - file in your template: /templates/yourtemplate/index.php. This file is called every time your page is called.
Make a template override of the component where you want you external php file to be loaded. If this is in an article, you copy /components/com_content/views/article/tmpl/default.php (and possibly also other files there) to /templates/yourtemplate/html/com_content/article. Then add your include-statement here. (info) This file will be loaded each time you view a single article, but you can have further logic to only run it if (whatever)...
Use Jobin Jose's approach if you want to load you php-file inside content in an article. (info)
Some other approach writing a plugin
...or a component
I would say probably the easiest method is 2. (or 1.), but it all depends what you want to do.
Try this,
You have to create a simple module for your requirement, means what you are trying to achieve with included php file.
then place that module within the article with {loadposition module_position}
then you will get all the POST variables to that article and also suppose user_id and all other joomla Factory can be accessed bcoz its a Joomla module.
for a quick tutorial about module creation can be found here.
hope it make sense.
I resolved this using an Extension called Sourcerer
https://www.nonumber.nl/extensions/sourcerer
Variables can be passed without issue now.
Thanks for the input.
Why do not you try to create a new Joomla component and do whatever you want it it?
I am absolutely beginner in php/mysql but managed to do it with my page, following this instructions:
http://www.inmotionhosting.com/support/edu/joomla-3/create-component/helloworld
When you create this component, whatever you write in its "default.php" file, is actually a blank HTML/PHP page, with your joomla design and some other Joomla-features.
Sorry for the amateur answer and terminology :)
I don't know how to put this better and tried search some around but I wasn't really sure on what to search either for my situation.
I'm in the unfortunate situation of managing a very old website, that has been passed by the hands of at least 5 webmasters.
The whole site is built of several hundreds of pages, each made of a single .html file; there is no controller logic or anything.
Now I need to implement a couple of scripts globally throughout the site, and I was wondering if there is a quick and dirty way to accomplish this.
I was thinking to encapsulate every request through a sort of rudimental PHP controller that simply read the requested file, require it in the script and render it with the same exact content and URL, but with the necessary scrpts included before the closing </body> tag.
Unfortunately I'm quite a novice in this, and I'm afraid also to allowing some bad injection from external sources. What is the best way to achieve something like this? I'm on a linux apache server.
Here are two approaches:
1) PHP Wrapper
Along the lines of what you're asking for, you can use your web server redirect all incoming HTML requests to a PHP file that does the following:
Takes a reference to the HTML file
Opens and reads the file in to a string
Makes the changes
Outputs the modified content in the response
If you are using a server like Apache httpd you can use mod_redirect to handle redirection of the requested URL to your PHP file.
This approach is a bit inefficient since for each request the HTML content needs to be read and modified. The approach below of editing the files will be higher performance.
2) Edit HTML Files
You can write a script to go through all the .html files and programmatically edit them.
One implementation to do this would be to open each file and add some lines at the tome and some others near the bottom. A the top of each file you could add a require() for your PHP file:
<? php
require('path/to/myinclude.php');
?>
At the bottom of the HTML before the </body> tag, call your function in the myinclude.php file, for example:
....
<?
my_footer_function();
?>
</body>
</html>
Depending on your webserver, you may be able to have the PHP interpreter execute for the .html extension so you don't have to change file extensions, if that's your wish.
This way, after this edit, you can modify all the behavior in the my_footer_function() in all your files simply by changing the one myinclude.php.
I'm building a website that contains a considerable amount of object-oriented PHP code. To keep the code clean, each class is stored in a single file named [classname].class.php and require_once'd in the script file. Being a form evaluation script, it already has redirections based on the POST variable to prevent dummy execution and database errors.
How do I make it so anyone trying to access the .class.php files gets redirected to the related HTML page, but keep it usable by include and require?
you can either
put it outside the public_html folder
deny access/redirect using filename patterns in the .htaccess
build a small php code in (the top of every class file) that looks for a variable which is initialised in the index. If it's not there, redirect.
If you need further explanation on any of these, just ask.
I want to encode my codes with ionCube. But I do not know exactly how to prevent users from cracking it without encoding.
So I need some tips.
My project is a MVC.
Everything starts in index.php and it calls core.php and running goes.
How should I include files. How can I ensure that when a file is called it is the original one?
I know there is some PHP functions that print out function names, etc. I need to prevent this.
Users include index.php file from another file and try to get variables like using var_dump($_GLOBALS);
You can use the get_included_files function to see if there are other files included. But the best way is of course to trust your customers and regulate what they can and cannot do with your code through contracts.
I have a site complete with CMS etc all working under one domain name. It turns out for legal reasons one page on this site has to sit on a different domain name. The page is hooked into the same CMS as the rest of the site (built using codeigniter). I don't want to have to do another installation just for this page.
Is there any simple way to display just this page under a different domain name without taking it out of the current application?
Thanks a lot
You should look at either (in order):
an include()with correct php.ini configuration
a file_get_content() and printing the variable into your page
an <iframe src="yoururl"> wich would be the easy peasy but unsafe way
using the on-purprose curllibrary
using fopen() wich theorically allows distant files to be opened, but based on my experience, it's not that reliable
Look at this site, it seems rather exhaustive regarding your problem.
Try including the file
<?php include 'http://www.domain.com/url/to/file/page.html' ?>
I think what you need here is a symlink, which is something I don't know too much about. My understanding is that the path displayed to the user does not in fact have to have anything to do with where the file is actually stored, meaning you can set this up to have a completely different URL while keeping it as part of your original application.
A simpler thing is doing a redirect...it's one line of code in your .htaccess file and you're good to go.
include is a possible solution depending on the format of the remote page (ie, this won't work very well if the remote page has a full DOM structure, and you're trying to include the remote page within the DOM structure of your CMS page), however more information about that remote page would be needed to help determine if include() alone would be enough.
Regardless, if include() does, work, you must make sure allow_url_include in php.ini is enabled, as by default script execution will terminate when encoutering a remote URL include statement.