On Wed, 2009-05-27 at 13:03 +0200, Grega Leskovsek wrote:
> I have made a CMS with editing files. When I display the file name it
> shows something like "../subdir/filename.php"
> How can I display the actual filename that's on the web: like
> http://localhost/subdir/filename.php or even better if it is possible:
> http://domainname/subdir/filename.php ?
> Thanks in advance, Grega from Slovenia
> -- 
> When the sun rises I receive and when it sets I forgive ->
> http://users.skavt.net/~gleskovs/
> All the Love, Grega Leskov'sek
I assume the file in question is not the one actually running the

You could trim the periods from the filename string, and then attach the
domain prefix:

$prefix = 'http://domainname.com/';
$full_url = $prefix . trim($filename, '.');

Also, a word of warning. You shouldn't really let *anybody* edit a page
in such a way that they can insert their own PHP into a page. It's a
security risk, and should really be avoided if you can at all help it,
even if only for a single user. If you must let them enter simple PHP,
have you thought instead of having them enter something else (like
template-style commands) that can be checked and interpreted by your PHP
code, e.g. they enter this:


and it's replaced by your navbar code. That way, anything your code does
not recognise, is not able to cause any gaping security holes on your


PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to