dsiftnc99059 2014-06-19 05:15
浏览 31
已采纳

如何在URL中传递php的位置?

i have a large number of files with several id's in each file. For example file1.php contains a number of paragraphs, each paragraph has a unique id. (id="1",id="2",id="3" etc...) I would like the ability to create a link to a page (page A.php) and pass the location of one of these id's in the url of the link to display in a php include on page A.php The result that i'm looking for is to have the entire file (file1.php) show up inside of page A.php with the specific id that is passed in the url being highlighted. Is this possible? or do I need to use Java Script and an iframe?

Here is what I ended up with: 

The url: http://mydomain/thispage.php?xul=http://mydomain.com/folder1/folder2/file.php&id=Abc150:176

The code: 

Stylesheet .vrsehilite{styling}

<script type="text/javascript">var x = <?php echo json_encode($_GET["id"]); ?>;</script>

<?php

$invdmn = "<h2>Error: Invalid Domain</h2>";
$filnf = "<h2>Error: File Not Found</h2>";
$pthinv = "<h2>Error: The Path is invalid</h2>";
$idinv = "<h2>Error: The ID is invalid</h2>";
$oops = "<br/><h2>Oops! Something went wrong.<br/><br/>Please click the back button or use the menu to go to a new page.</h2>";
$testdomain = substr_compare ($_GET['xul'],"http://mydomain.com",0,20,FALSE); //make sure the domain name is correct

if ($testdomain == 0) {
  $flurl = $_GET['xul'];
} else {
  echo $invdmn . " " . $oops;
}

$flurl_headers = @get_headers ($flurl);

if ($flurl_headers[0] == 'HTTP/1.1 404 Not Found') {
  echo $filnf . " " . $oops;  //Make sure the file exist
} else {
  $surl = str_replace (".com/",".com/s/",$flurl);
} //add some characters to url at point to explode

list($url1, $path) = explode ("/s/",$surl); //explode into array of 2 [0]url to domain [1] path
$testpath = substr_compare ($path,"file1/file2/",0,10,FALSE); //make sure the path is correct

if ($testpath == "0") {
  $aid = preg_match ("/^[A-Z][a-z]{2}(?:[1-9][0-9]?|1[0-4][0-9]|150):(?:[1-9][0-9]?|1[0-6][0-9]|17[0-6])$/", $_GET['id']);
} else {    //make sure the id is valid
   echo $pthinv . " " . $oops;
} 

if ($aid == 1) {
  include($path); 
  echo "<script type='text/javascript'>";
  echo "document.getElementById(x).className = 'vrsehilite';";
  echo "document.getElementById(x).scrollIntoView();";
  echo "window.scrollBy(0,-100);";
  echo "</script>";
} else {
  echo $idinv . " " . $oops;
}

?>
  • 写回答

1条回答 默认 最新

  • dongliqian6245 2014-06-20 05:55
    关注

    Never ever include arbitrary files submitted by the user. Instead, you should only include files from a pre-defined set of your choice. Perhaps something like this:

    PHP

    $files = array ('file1.php', 'file2.php', 'view.php', 'edit.php');
$id = (int)$_GET['id'];

if (isset ($files[$id])) {
  include $files[$id];
} else {
   /* Error */
}

    Or you could use a regular expression to accept only certain filenames, in this case 1 or more lower case letters followed by 0 or more digits.

    $m = array ();

if (   preg_match ('#^http://domain.example/folder1/folder2/([a-z]+[0-9]*\\.php)$#', $m)
    && file_exists ($m[1])) {
  include $m[1];
} else {
  /* Page not found */
}

    You may want to check the return value of include. You may also want to move the folders into the subpattern (...) or use regular expressions for the folder names.

    If all you need is to highlight a certain paragraph in a page, you should add a URL fragment that poins to the paragraph's id, and add CSS to style it. Eg:

    URL

    http://domain.example?id=1#p1

    HTML

    <p id=p1>This is the target paragraph.

    CSS

    p:target { /* Style the targeted <p> element */ }
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 Python爬取指定微博话题下的内容,保存为txt
  • ¥15 vue2登录调用后端接口如何实现
  • ¥65 永磁型步进电机PID算法
  • ¥15 sqlite 附加(attach database)加密数据库时,返回26是什么原因呢?
  • ¥88 找成都本地经验丰富懂小程序开发的技术大咖
  • ¥15 如何处理复杂数据表格的除法运算
  • ¥15 如何用stc8h1k08的片子做485数据透传的功能?(关键词-串口)
  • ¥15 有兄弟姐妹会用word插图功能制作类似citespace的图片吗?
  • ¥15 latex怎么处理论文引理引用参考文献
  • ¥15 请教:如何用postman调用本地虚拟机区块链接上的合约?