Hello there everybody! I've run into a problem lately when coding in PHP and file_get_contents. My problem is that when i load a website like this:
<? echo file_get_contents($_GET['url']); ?>
The pictures of the website i load doesn't show. For example when I go to Google, no pictures are shown. This is for every website i visit. How can i fix this?
The HTML page you are displaying assumes you also have the images available, which you don't as they are on the original page's server (e.g. Google.com).
The quickest way to make sure everything on the HTML page loads is to add <base href="http://www.google.com/" />. This tells the browser to go back to the original path for the rest of the contents including images, CSS, scripts etc.
You'll want to inject that between the <head></head> of the HTML page you're displaying. You could use a regular expression or Simple HTML DOM.
Hope that helps
Don't do this. You're stealing other web sites' content. It also doesn't work well, as you've noticed, since all relative URLs are broken.
Can you use an iframe instead? As in:
<iframe src="<?php echo htmlspecialchars($_GET['url']) ?>"></iframe>
This is nicer since you're not hiding the web site you're proxying from the end user.
I think this is because the image urls are relative <img src="/img/foo.png"> meaning it looks for the image on your server instead and say googles. Fixing this requires looking through all urls in the source and changing them from relative to absolute.
file_get_contents() does what it says, gets the content of the file or Url supplied as argument.
An HTML page doesn't have images inside it, they're not the page's content, the HTML page only has references to external files, that have their own content.
Related
I have a php page where I'm trying to load and then echo and external page, (which is sitting in the same server but in complete different path/domain, if that matters).
I've tried using both file_get_contents() and curl. They both correctly load the html of the target page, the problem is that it's not displaying correctly because that target page has relative links to several files (images, css, javascript).
Is there any way I can accomplish this with PHP? If not, what would be the next best way? The target site must look like it's being loaded from the initial page (URL-wise), I don't want to do a redirect.
So, the browser would show http://example.com/initial-page.php even though its contents come from http://example2.com/target-page.php
EDIT:
This is something that could easily be done with an iframe but I want to avoid that too for several reasons, one of them is because with and iframe it breaks the responsiveness of the target site. I can't change the code of the target site to fix that either.
In the end, the solution was a combination of what I was trying to do (using curl) and what WebRookie suggested using the base html tag in the page being loaded via curl.
In my particular case, I pass the base URL as a parameter in curl and I echo it in the loaded page, allowing me to load that same page from different websites (which was another reason why I wanted to do this).
Let's say, that I want to demonstrate a widget (or some HTML in a frame) that would be "injected" into another page.
For example: I want to show the people in Amazon.com that I can put let's say a ball image underneath every price tag they put on their web page. That is - I want to build a web server (or indeed a server less html web page) that would show their page and put some stuff of mine inside theirs. So it looks as if the client (Amazon.com here) has my software already installed on their server.
I am a web-dev total newbie, so if this is the simplest thing in the world please, ..
Thanks
There's TONS of special cases that can cause this to fail, but I'll present a simple way that will work for you on a decent amount of webpages(but not all).
save the webpages html source into a local html file.
edit the html source, adding a <base href="http://www.amazon.com/"> tag into the <head> element.
make any other modifcations to the page you want, such as adding new <script> tags to support your new functionality. Make sure your modifications use absolute urls.
If they navigate away from the page, your enhancements will obviously not carry onto the next page. ALso, you will have more success if you upload the file onto a web server. While a user can view the page by double clicking on the html file if they were to save it locally, differences in javascript security permissions will likely make some webpages not function correctly.
The reason you need to add the <base> tag is because the browser resolves relative urls by looking at the url in its address bar. So, if the amazon page had an image like this
<img src="logo.png">
and you saved the html and put it on you webserver at www.example.com, the browser would look for the image at www.example.com/logo.png, which clearly doesn't exist. The base tag tells it what base url to use.
If you need more automation, having them install a browser addon would be a good way to do this if your users are somewhat technical. Greasemonkey is a popular addon, and you can tell it to inject stuff into certain webpages. The benefit of an addon is that it can inject the new functionality into any page on the web, without you having to individually save and modify them. Also, it has the potential to work on all web pages, leaving their functionality perfectly in tact, opposed to the other suggestion. This is far more complicated though.
I want to parse a streaming website in PHP to find the streaming links and codes.
The streaming page ie index.htm looks like
<html>
<iframe> something something src= xyz.aspx?id=abc <iframe>
<\html>
When I parse the main page I can see those codes..but I need to parse the code of xyz.asx?id....
If I parse that page directly it doesnt show the streaming codes...
The main page and the iframe page somehow connected...
Is there any way to parse both at the same time..perhaps with referring or something..so the the second page thinks as if it is loaded on the stream page.
Any clue? Curl?
Since it seems like you are only searching for a couple codes, you might want to write a regex (GASP! I KNOW, REGEX + HTML = BAD, hear me out). I'd find a regex that captures all <iframe> tags. Then parse those for the src attribute, and then get the information that you need.
Edit: I don't think I understood your question entirely, you also want to embed the iframe'd page as if it were viewed in a browser?
If so, read on!
Ok, now that you have the src attribute of the <iframe>, just download the linked page (I'm a little rusty with PHP, I'm sure you can find one of the thousands of functions that would work) and str_replace() the <iframe> tag with the downloaded code
I suspect that this is impossible, but I'm trying to be optimistic...
I'm running a site that uses jquery & php. Via ajax, I'm dynamically loading images to a page. The problem is that the paths to the images are visible when you view the source of the page. I'm trying to figure out if it's possible to prevent the path from displaying? I just don't want anyone seeing those paths or being able to access them. So, I don't know if there's some sort of magical programming solution or something to do with htaccess, but if anyone knows how to accomplish this, I'd appreciate pointers / links / or brilliance...
As the browser needs to know where to fetch the data from, it cannot be hidden easily.
But you can it make the "attacker" a little bit harder. E.g., you can give URLs with a script behind loading the given images. The script does so only if called with the correct Referer: header.
Are Data URIs an option for you?
If not, preventing hotlinking (via Referer) would be the way I would do it, possibly with some obfuscation (depending on your user base).
Everything that's visible to the browser is visible to the clever user in one way or the other
You can hide them from lamers, but not from programmers
Anti-lamer techniques can include:
1) setting data-mangled-src attribute to something like ROT13(real-src), then doing
$('img').each(function () { $(this).attr('src', ROT13($(this).data('mangled-src')))})
2) setting some data-id attr, then AJAX-requesting the src from the server
But anyway, the URL goes to the browser, then it's visible to the user
3) And, of course, you can load your images into flash 'viewer', which is probably the most advanced way of hiding them
So... If you make the load path an internal link in php Requested through Ajax that should hide the path in network inspector... By this I mean maybe query a db that generates a temp path to the image that expires...
Then with the loaded image you could save it a canvas element... Thus no src
There are a few ways you can go about hiding image URLs.
Use a plugin: you can use flash, a java applet, etc to load the images
Use a traffic cop: you can set the source of all the images to a single PHP script, with some kind of parameter to specify which image you want. That script can check sessions variables / referer / whatever you want; if everything checks out, you can do a file_get_contents() to load the actual url of the image, then echo that out to the browser.
I've created a website to help you hide the image src of your precious photos and images.
My website will hide the source path of your image, and it also allows you to 'Lock' your photo to a specific domain eg. example.com so that the photo will only display example.com and not on facebook.com or wherever the link to the photo is reposted.
http://hideimgsrc.com
It's easier and faster than a java script based solution.
How to hide an iframe url in HTML source code.I have two applications one applications get an url of another application into its iFrame,so that it displays in its source code.I dont want to display another application url in the source code.
I think you would need to set the IFRAME URL via JavaScript. The Javascript could then be Obfuscated, so that the URL would not be in plain text... Please see the following link for the obfuscator:
http://www.javascriptobfuscator.com/Default.aspx
i.e. if it was jQuery...
$("#myiFrame").attr('src','http://www.google.com');
becomes:
var _0xc1cb=["\x73\x72\x63","\x68\x74\x74\x70\x3A\x2F\x2F\x77\x77\x77\x2E\x67\x6F\x6F\x67\x6C\x65\x2E\x63\x6F\x6D","\x61\x74\x74\x72","\x23\x6D\x79\x69\x46\x72\x61\x6D\x65"];$(_0xc1cb[3])[_0xc1cb[2]](_0xc1cb[0],_0xc1cb[1]);
You can't hide it per say, but you can run it through something like TinyURL so that anyone interested would need to go an extra step. Anyway, that's the only thing I can think of. However, if you are displaying that page in a frame, what's the harm in having the URL in the source code? There really isn't a good, foolproof way to prevent someone determined from finding out the location of that iframe page.
You can create a php script which uses curl to call the url through localhost, then use this script as your iframe source.
If you have an issue with relative links and sub-directories, you can put your curl script inside the sub-directory.