dsiftnc99059 2014-06-19 05:15
浏览 31
已采纳

如何在URL中传递php的位置?

i have a large number of files with several id's in each file. For example file1.php contains a number of paragraphs, each paragraph has a unique id. (id="1",id="2",id="3" etc...) I would like the ability to create a link to a page (page A.php) and pass the location of one of these id's in the url of the link to display in a php include on page A.php The result that i'm looking for is to have the entire file (file1.php) show up inside of page A.php with the specific id that is passed in the url being highlighted. Is this possible? or do I need to use Java Script and an iframe?

Here is what I ended up with: 

The url: http://mydomain/thispage.php?xul=http://mydomain.com/folder1/folder2/file.php&id=Abc150:176

The code: 

Stylesheet .vrsehilite{styling}

<script type="text/javascript">var x = <?php echo json_encode($_GET["id"]); ?>;</script>

<?php

$invdmn = "<h2>Error: Invalid Domain</h2>";
$filnf = "<h2>Error: File Not Found</h2>";
$pthinv = "<h2>Error: The Path is invalid</h2>";
$idinv = "<h2>Error: The ID is invalid</h2>";
$oops = "<br/><h2>Oops! Something went wrong.<br/><br/>Please click the back button or use the menu to go to a new page.</h2>";
$testdomain = substr_compare ($_GET['xul'],"http://mydomain.com",0,20,FALSE); //make sure the domain name is correct

if ($testdomain == 0) {
  $flurl = $_GET['xul'];
} else {
  echo $invdmn . " " . $oops;
}

$flurl_headers = @get_headers ($flurl);

if ($flurl_headers[0] == 'HTTP/1.1 404 Not Found') {
  echo $filnf . " " . $oops;  //Make sure the file exist
} else {
  $surl = str_replace (".com/",".com/s/",$flurl);
} //add some characters to url at point to explode

list($url1, $path) = explode ("/s/",$surl); //explode into array of 2 [0]url to domain [1] path
$testpath = substr_compare ($path,"file1/file2/",0,10,FALSE); //make sure the path is correct

if ($testpath == "0") {
  $aid = preg_match ("/^[A-Z][a-z]{2}(?:[1-9][0-9]?|1[0-4][0-9]|150):(?:[1-9][0-9]?|1[0-6][0-9]|17[0-6])$/", $_GET['id']);
} else {    //make sure the id is valid
   echo $pthinv . " " . $oops;
} 

if ($aid == 1) {
  include($path); 
  echo "<script type='text/javascript'>";
  echo "document.getElementById(x).className = 'vrsehilite';";
  echo "document.getElementById(x).scrollIntoView();";
  echo "window.scrollBy(0,-100);";
  echo "</script>";
} else {
  echo $idinv . " " . $oops;
}

?>
  • 写回答

1条回答 默认 最新

  • dongliqian6245 2014-06-20 05:55
    关注

    Never ever include arbitrary files submitted by the user. Instead, you should only include files from a pre-defined set of your choice. Perhaps something like this:

    PHP

    $files = array ('file1.php', 'file2.php', 'view.php', 'edit.php');
$id = (int)$_GET['id'];

if (isset ($files[$id])) {
  include $files[$id];
} else {
   /* Error */
}

    Or you could use a regular expression to accept only certain filenames, in this case 1 or more lower case letters followed by 0 or more digits.

    $m = array ();

if (   preg_match ('#^http://domain.example/folder1/folder2/([a-z]+[0-9]*\\.php)$#', $m)
    && file_exists ($m[1])) {
  include $m[1];
} else {
  /* Page not found */
}

    You may want to check the return value of include. You may also want to move the folders into the subpattern (...) or use regular expressions for the folder names.

    If all you need is to highlight a certain paragraph in a page, you should add a URL fragment that poins to the paragraph's id, and add CSS to style it. Eg:

    URL

    http://domain.example?id=1#p1

    HTML

    <p id=p1>This is the target paragraph.

    CSS

    p:target { /* Style the targeted <p> element */ }
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 2020长安杯与连接网探
  • ¥15 关于#matlab#的问题:在模糊控制器中选出线路信息,在simulink中根据线路信息生成速度时间目标曲线(初速度为20m/s,15秒后减为0的速度时间图像)我想问线路信息是什么
  • ¥15 banner广告展示设置多少时间不怎么会消耗用户价值
  • ¥16 mybatis的代理对象无法通过@Autowired装填
  • ¥15 可见光定位matlab仿真
  • ¥15 arduino 四自由度机械臂
  • ¥15 wordpress 产品图片 GIF 没法显示
  • ¥15 求三国群英传pl国战时间的修改方法
  • ¥15 matlab代码代写,需写出详细代码,代价私
  • ¥15 ROS系统搭建请教(跨境电商用途)