[PHP] Re: Converting HTML to BBCode [SOLVED]
Hi, Thank you for that - although I do have to admit that I don't understand a single bit of the reg-exp part. :) It is now working flawlessly! Here is the final code I used: ---CODE--- !-- Note - input textarea and submit button already coded here in XHTML -- ?php $text = ''; if ( isset($_POST['text']) ) { $text = $_POST['text']; if ( get_magic_quotes_gpc() ) { $text = $_POST['text']; $text = stripslashes($text); } } echo 'br /br /'; /** * Performes BBCode conversion for some simple HTML elements * * @staticvar string $str_http_valid * @staticvar array $arr_replace * @param string $string * @returnstring * @since Mon Mar 06 23:44:40 CST 2006 * @authorrsalazar */ function to_bbcode( $string ) { static $str_http_valid = '-:\/a-z.0-9_%+'; $arr_replace= array( /a\s+.*?(?=\b)href=(?(?=['\])(?:(['\])(.*?)\\1)|([$str_http_valid] *)).*?(.+?)\/a/Xis = '[link=\\2\\3]\\4[/link]', /img\s+.*?(?=\b)src=(?(?=['\])(?:(['\])(.*?)\\1)| ([$str_http_valid]*)).*?\/?/Xis = '[img]\\2\\3[/img]', '/(\/)?(strong|em)/Xise' = '( strcasecmp(em, \\2) ? [\\1b] : [\\1i] )', '/(\/?(?:b|i|u))/Xis' = '[\\1]', '/(\/)?[ou]l/Xis'= '[\\1list]', '/(\/)?li/Xise' = '( \\1 == ? [*] : )', ); $string = preg_replace(array_keys($arr_replace), array_values($arr_replace), $string); return $string; } $text = to_bbcode($text); echo 'textarea name=output' . $text . '/textarea'; ? ---/CODE--- Thank you very much for your help! I hope I get onto reg-exp and PREG stuff soon so that someday I might be able to understand that code.. :D Cheers, J_K9 First of all, the back-slashes added before a character is probably because of the gpc_magic_quotes directive in PHP, wich tries to escape the quotes (pretty stupid, if you ask me), so you must have to use strip_slashes() on the string you received, e.g: $text = ''; if ( isset($_POST['text']) ) { $text = $_POST['text']; if ( get_magic_quotes_gpc() ) { $text = stripslashes($text); } } Now, what you're trying to do is definetely not something basic, since you want to replace some non-fixed strings that can either be in lower or uppercase (and without changing the case of the rest of the text), so basicaly what you have are patterns (some kind of 'rules' that shall be followed by the tags) By your code I can tell you've already try a little the hard way to solve this issue, although it would be quite more laborious than that because you would have to search the string almost char-by-char (in a figurative way, but pretty much what PHP would be doing) for all the tags you want to replace, and possibly be working with two strings: one for the original text and other with a lowercase version of it (since you cannot search in a case-insensitive way --only in PHP5) Anyway, the medium/advanced way (IMHO) would be to use regular expressions. These are quite useful, but also rather cryptic, even for advanced users --sometimes it's easier to come up with a new one rather than understanding what already exists :p The function I've test with your test HTML-code is this one: /** * Performes BBCode conversion for some simple HTML elements * * @staticvar string $str_http_valid * @staticvar array $arr_replace * @param string $string * @returnstring * @since Mon Mar 06 23:44:40 CST 2006 * @authorrsalazar */ function to_bbcode( $string ) { static $str_http_valid = '-:\/a-z.0-9_%+'; $arr_replace= array( /a\s+.*?(?=\b)href=(?(?=['\])(?:(['\])(.*?)\\1)| ([$str_http_valid]*)).*?(.+?)\/a/Xis = '[link=\\2\\3]\\4[/link]', /img\s+.*?(?=\b)src=(?(?=['\])(?:(['\])(.*?)\\1)| ([$str_http_valid]*)).*?\/?/Xis = '[img]\\2\\3[/img]', '/(\/)?(strong|em)/Xise' = '( strcasecmp (em, \\2) ? [\\1b] : [\\1i] )', '/(\/?(?:b|i|u))/Xis' = '[\\1]', '/(\/)?[ou]l/Xis'= '[\\1list]', '/(\/)?li/Xise' = '( \\1 == ? [*] : )', ); $string = preg_replace(array_keys($arr_replace), array_values($arr_replace), $string); return $string; } As I mentiones before, keep in mind that reg-exp can be rather cryptic sometimes. Also, this is the raw code, it should be optimized but I'm feeling really lazy right now, so it should have to wait for a better ocasion. It's up to you to decide wheter you'll use this function or not, what I would recommend you is not to forget about regexp and give them a try later (when you're
[PHP] Re: Converting HTML to BBCode
Hi Al, Thank you for your reply. I have changed my code to the following: ---CODE--- ?php $text = $_REQUEST['text']; echo 'br /br /'; $translate_array = array( 'strong' = '[b]', '/strong' = '[/b]', 'b' = '[b]', '/b' = '[/b]', 'em' = '[i]', '/em' = '[/i]', 'i' = '[i]', '/i' = '[/i]', 'u' = '[u]', '/u' = '[/u]', 'a href=' = '[url=', '/a' = '[/url]', 'img src=' = '[img]', ' border=0 /' = '[/img]', 'ol' = '', '/ol' = '', 'li' = '[list]', '/li' = '[/list]' ); $find_array= array_keys($translate_array); $replace_array= array_values($translate_array); $text= preg_replace($find_array, $replace_array, $text); // Line 41 echo 'textarea name=output' . $text . '/textarea'; ? ---/CODE--- However, I get the following error appearing in between the two textareas: ---ERROR--- Warning: preg_replace() [function.preg-replace]: No ending matching delimiter '' found in /var/www/htdocs/file.php on line 41 Warning: preg_replace() [function.preg-replace]: No ending matching delimiter '' found in /var/www/htdocs/file.php on line 41 Warning: preg_replace() [function.preg-replace]: Delimiter must not be alphanumeric or backslash in /var/www/htdocs/file.php on line 41 ---/ERROR--- Thanks for your help so far! It'd be great if this works out ;) Cheers, J_K9 Here is an example for you. First make an array like this: $translate_array= array( ' ' = ' amp; ', '' = 'amp;', 'WOD'= 'Wamp;OD', 'O' = 'amp;O', 'MF' = 'Mamp;F', ); Then use: $find_array= array_keys($translate_array); $replace_array= array_values($translate_array); $text= preg_replace($find_array, $replace_array, $text); //with preg_replace you can make the $find stuff case insensitive OR simply: $text= strtr($text, $translate_array); -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Curt Zirzow wrote: On Tue, Feb 14, 2006 at 09:02:50PM +, J_K9 wrote: Hi, I'm currently learning PHP, and I'd like to put it into practice to help me learn. I want to make a download script so that if the value of a certain variable is '1', the first download is selected, if it's '2', the second is selected, and so on... But, all the time, the download source's URI is not revealed. As I was saying, I have a vague idea of how to do it - but I know it's wrong. With the help of some others, I've managed to come up with this: |--- ||?php if(!empty($_GET['file_id'])) { switch ($_GET['file_id']) { case 0: echo Please specify a file ID; case 1: header(Location: ./hidden--files/downloadme.zip); break; ... This is a method is rather known as 'security by obscurity'. If you want to use this method instead of doing some sort of authentication system, you need to make your file_id's more obscure by using a more randomized value instead of 1,2,3... Curt. Hi, It is security through obscurity, but I thought it is a technique I should learn in case I would like to implement something similar in the future. The reason I am not coding an authentication system is because I have only just begun PHP, so am going for simple stuff. ;) The file_id's were just examples as well - to keep what I meant simple. How can I make that code work though? Is there another function I should be using to pass up the file as a download to the user, or is this just not possible? Thanks, J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Barry wrote: J_K9 wrote: Curt Zirzow wrote: On Tue, Feb 14, 2006 at 09:02:50PM +, J_K9 wrote: Hi, I'm currently learning PHP, and I'd like to put it into practice to help me learn. I want to make a download script so that if the value of a certain variable is '1', the first download is selected, if it's '2', the second is selected, and so on... But, all the time, the download source's URI is not revealed. As I was saying, I have a vague idea of how to do it - but I know it's wrong. With the help of some others, I've managed to come up with this: |--- ||?php if(!empty($_GET['file_id'])) { switch ($_GET['file_id']) { case 0: echo Please specify a file ID; case 1: header(Location: ./hidden--files/downloadme.zip); break; ... This is a method is rather known as 'security by obscurity'. If you want to use this method instead of doing some sort of authentication system, you need to make your file_id's more obscure by using a more randomized value instead of 1,2,3... Curt. Hi, It is security through obscurity, but I thought it is a technique I should learn in case I would like to implement something similar in the future. The reason I am not coding an authentication system is because I have only just begun PHP, so am going for simple stuff. ;) The file_id's were just examples as well - to keep what I meant simple. How can I make that code work though? Is there another function I should be using to pass up the file as a download to the user, or is this just not possible? Thanks, J_K9 Set the stream to download and use readfile. // Path to your file $path = ./hidden--files/downloadme.zip; // fix for IE catching or PHP bug issue header(Pragma: public); header(Expires: 0); // set expiration time header(Cache-Control: must-revalidate, post-check=0, pre-check=0); // browser must download file from server instead of cache // force download dialog header(Content-Type: application/force-download); header(Content-Type: application/octet-stream); header(Content-Type: application/download); // use the Content-Disposition header to supply a // recommended filename and // force the browser to display the save dialog. header(Content-Disposition: attachment; filename=.$path.;); header(Content-Transfer-Encoding: binary); header(Content-Length: .filesize($path)); readfile($path); have phun! Barry Hi, I tried out the code - I get more warnings about not being able to modify header information (I get one for each mention of header() in the code), and then beneath the warnings there are lines and lines of extended ASCII. ^^ That's because the force-download header isn't working, and therefore the .zip is being written to the output stream, right? I wonder why it's telling me that I cannot modify header information. Is there anything we've left out, or something like that? It isn't a browser issue, because I've tried it in both Firefox and IE... Thanks, J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Barry Krein wrote: J_K9 wrote: Barry wrote: J_K9 wrote: Curt Zirzow wrote: On Tue, Feb 14, 2006 at 09:02:50PM +, J_K9 wrote: Hi, I'm currently learning PHP, and I'd like to put it into practice to help me learn. I want to make a download script so that if the value of a certain variable is '1', the first download is selected, if it's '2', the second is selected, and so on... But, all the time, the download source's URI is not revealed. As I was saying, I have a vague idea of how to do it - but I know it's wrong. With the help of some others, I've managed to come up with this: |--- ||?php if(!empty($_GET['file_id'])) { switch ($_GET['file_id']) { case 0: echo Please specify a file ID; case 1: header(Location: ./hidden--files/downloadme.zip); break; ... This is a method is rather known as 'security by obscurity'. If you want to use this method instead of doing some sort of authentication system, you need to make your file_id's more obscure by using a more randomized value instead of 1,2,3... Curt. Hi, It is security through obscurity, but I thought it is a technique I should learn in case I would like to implement something similar in the future. The reason I am not coding an authentication system is because I have only just begun PHP, so am going for simple stuff. ;) The file_id's were just examples as well - to keep what I meant simple. How can I make that code work though? Is there another function I should be using to pass up the file as a download to the user, or is this just not possible? Thanks, J_K9 Set the stream to download and use readfile. // Path to your file $path = ./hidden--files/downloadme.zip; // fix for IE catching or PHP bug issue header(Pragma: public); header(Expires: 0); // set expiration time header(Cache-Control: must-revalidate, post-check=0, pre-check=0); // browser must download file from server instead of cache // force download dialog header(Content-Type: application/force-download); header(Content-Type: application/octet-stream); header(Content-Type: application/download); // use the Content-Disposition header to supply a // recommended filename and // force the browser to display the save dialog. header(Content-Disposition: attachment; filename=.$path.;); header(Content-Transfer-Encoding: binary); header(Content-Length: .filesize($path)); readfile($path); have phun! Barry Hi, I tried out the code - I get more warnings about not being able to modify header information (I get one for each mention of header() in the code), and then beneath the warnings there are lines and lines of extended ASCII. ^^ That's because the force-download header isn't working, and therefore the .zip is being written to the output stream, right? I wonder why it's telling me that I cannot modify header information. Is there anything we've left out, or something like that? It isn't a browser issue, because I've tried it in both Firefox and IE... Thanks, J_K9 // This script will not work!! echo ZOMG! ITS NOT WORKING!; header (Loaction: hahaha.php); // This script will work! header (Blah: BLUBB); echo ZOMG! IT WORKS!; This is what I used: ?php // fix for IE catching or PHP bug issue header(Pragma: public); header(Expires: 0); // set expiration time header(Cache-Control: must-revalidate, post-check=0, pre-check=0); // browser must download file from server instead of cache // force download dialog header(Content-Type: application/force-download); header(Content-Type: application/octet-stream); header(Content-Type: application/download); // Path to your file $path = zipdata/downloadme.zip; // use the Content-Disposition header to supply a // recommended filename and // force the browser to display the save dialog. header(Content-Disposition: attachment; filename=.$path.;); header(Content-Transfer-Encoding: binary); header(Content-Length: .filesize($path)); readfile($path); ? As you can see, there is no output before the headers are set. In fact, the error say that the headers were set on line 6, which is ?php. How can this be? Is there something I need to turn off like default headers? Thanks, J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Barry wrote: J_K9 wrote: This is what I used: ?php // fix for IE catching or PHP bug issue header(Pragma: public); header(Expires: 0); // set expiration time header(Cache-Control: must-revalidate, post-check=0, pre-check=0); // browser must download file from server instead of cache // force download dialog header(Content-Type: application/force-download); header(Content-Type: application/octet-stream); header(Content-Type: application/download); // Path to your file $path = zipdata/downloadme.zip; // use the Content-Disposition header to supply a // recommended filename and // force the browser to display the save dialog. header(Content-Disposition: attachment; filename=.$path.;); header(Content-Transfer-Encoding: binary); header(Content-Length: .filesize($path)); readfile($path); ? As you can see, there is no output before the headers are set. In fact, the error say that the headers were set on line 6, which is ?php. How can this be? Is there something I need to turn off like default headers? Thanks, J_K9 What is before line 6? Because the ?php should be at line 1 could you post the code from line 1 to line 10? Lines 1-10: html head titleDownloads/title /head body ?php // fix for IE catching or PHP bug issue header(Pragma: public); header(Expires: 0); // set expiration time Should I remove the HTML? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Lines 1-10: html head titleDownloads/title /head body ?php // fix for IE catching or PHP bug issue header(Pragma: public); header(Expires: 0); // set expiration time Should I remove the HTML? Exactly! HTML is output ya know? Well, technically that isn't text output - it's only setting a title... ;) Anyway, I moved the PHP to the top of the file (ie. before the HTML), but now I'm getting a 500 Internal error... Here's the full code I'm using: ?php header(Pragma: public); header(Expires: 0); // set expiration time header(Cache-Control: must-revalidate, post-check=0, pre-check=0); header(Content-Type: application/force-download); header(Content-Type: application/octet-stream); header(Content-Type: application/download); $path = zipdata/downloadme.zip; header(Content-Disposition: attachment; filename=.$path.;); header(Content-Transfer-Encoding: binary); header(Content-Length: .filesize($path)); readfile($path); ? html head titleDownloads/title /head body /body /html Any idea what could be going wrong? Thanks, J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Barry wrote: Technically: PHP is server sided, so anything that is sended to browser like HTML output is output. Any output in text format sended to the browser (HTML headers and such) will be recognized as normal output. The header you set with header() is a HTTP header not HTML header. that's why it wasn't working. Well a 500 error is an internal error so probably your php isnt running as it has to, probably because it is parsed through cgi or such.*shrug* By the way, you dont have to add the HTML tags. You just need plain PHP. Oh, ok. I've now removed the HTML (but still getting a 500 error) Misconfigured server? What server do you use? What PHP version? Barry Apache 1.3.34, with PHP 4.4.1. Here's the exact 500 error I'm getting: Internal Server Error The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, [EMAIL PROTECTED] and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. Thanks, J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Duncan Hill wrote: On Wednesday 15 February 2006 11:05, J_K9 wrote: Here's the exact 500 error I'm getting: Standard Apache error. Look in your error log for more details like it suggests? I would, but I can't find it. I thought it was under /var/log, but having taken a good look I just can't find the logs. And the fact that I can't use slocate to find them because I can't get root access to run updatedb doesn't help either ;) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Duncan Hill wrote: On Wednesday 15 February 2006 11:35, J_K9 wrote: Duncan Hill wrote: On Wednesday 15 February 2006 11:05, J_K9 wrote: Here's the exact 500 error I'm getting: Standard Apache error. Look in your error log for more details like it suggests? I would, but I can't find it. I thought it was under /var/log, but having taken a good look I just can't find the logs. And the fact that I can't use slocate to find them because I can't get root access to run updatedb doesn't help either ;) If you have read access to the apache configuration files, the ErrorLog statement (+ServerRoot) should tell you where your logs are. (There's no need to CC me, I get the list :p) Nothing's in the right place! I can't even find the Apache conf file... This is the problem with using external hosting - they do things differently. :@ Aren't there any PHP functions I can use to let me know where the errors are happening? I'm sure I've seen one somewhere; I just don't remember it, that's all... ;) Thanks, J_k9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Barry wrote: J_K9 wrote: Duncan Hill wrote: On Wednesday 15 February 2006 11:35, J_K9 wrote: Duncan Hill wrote: On Wednesday 15 February 2006 11:05, J_K9 wrote: Here's the exact 500 error I'm getting: Standard Apache error. Look in your error log for more details like it suggests? I would, but I can't find it. I thought it was under /var/log, but having taken a good look I just can't find the logs. And the fact that I can't use slocate to find them because I can't get root access to run updatedb doesn't help either ;) If you have read access to the apache configuration files, the ErrorLog statement (+ServerRoot) should tell you where your logs are. (There's no need to CC me, I get the list :p) Nothing's in the right place! I can't even find the Apache conf file... This is the problem with using external hosting - they do things differently. :@ Aren't there any PHP functions I can use to let me know where the errors are happening? I'm sure I've seen one somewhere; I just don't remember it, that's all... ;) Thanks, J_k9 The error you get is an Apache error and has nothing to do with php so there are no error reportings within PHP for apache. There might be a problem setting the content header prolly because Apache dont have them or what the hell i know. Sorry i can't help from here without any log output and or config files. Doesn't locate work on you system? $ locate log Probably you have a virtual hosting. look at /var/www Otherwise no idea. The code is okay, i use it myself and it works just great. Greets Barry No - I'll have to get in contact with my hosting support team, because this is beginning to annoy me. locate doesn't work because it has no database to work from - and I can't updatedb because I don't have the necessary perms. I tried a 'find -name 'httpd.conf'', but that didn't work because it spat out a bunch of tasks from within /proc and also references to /home/user.daily/etc, ~.daily/ssl, ~.daily/mail, and a few more from there: all of which I don't have permission to access. Thanks for confirming that it works though - now all I have to do is send an email to the support team and wait for their reply. :) Cheers, J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Barry wrote: Michael Crute wrote: May I suggest you get a cheap box (you could build one for a few hundred bucks, or ebay), get a copy of your favorite linux distro and do development locally, beats the heck out of external hosting for development/learning stuff. -Mike probably. yes. But when you have some bad hosting provider using insert crappy website admin tool in here, then developing local might also be problematic, because online it might wont work. I have some ensim crappy admin tool online (switch it soon though just started here at the company) and it really does suck. because its based on red Hat 7.3 and RPM package stuff. Installing new rpm impossible and compiling anything would f**ck up the whole admin tool. Yay that rocks _ Good point Michael - I do have an old laptop lying around here (which I usually use for tests), so I could easily convert that into a server. I've already contacted my hosters, so I should receive an answer pretty soon. As for the code - lemme get down to setting up that server ;) Thanks guys for all your help - I'll let you know if it works out! J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP - Thanks!
Thanks everyone, especially Barry for that great script which I've tested on a home server and _does_ work... So, I'm going to wait for my external hosting company to get back to me and alter the files there so that it'll work on my website. Thanks again! ;-) J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] missing modules ??? help please ...
Mehmet Fatih Akbulut wrote: but i didnt install php from its source :'( used apt-get install ... its not a good idea to uninstall php5 and reinstall it from source :'( anything else that can be done to get rid of memoy limitation ;) ? It looks like you will either have to recompile it from source, or do what Chris said. To solve the module problem: It depends. If you're using a packaged system (debian, fedora etc etc) - install the modules package (php-imap, php-mcrypt). I think by that he means to try apt-getting them. ie. apt-get install php-imap apt-get install php-mcrypt, but I'm not sure. And, to solve the other issue (memory_limit) just place this at the beginning of all your PHP scripts: ini_set('memory_limit', -1); By the way - that is all Chris' work. :) He has already proposed ways which you can resolve the problems - you've just got to choose which path to take. Cheers, J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] HN CAPTCHA at http://www.phpclasses.org
Roger Thomas wrote: I am currently testing HN CAPTCHA and noticed that the range of alphabets that were produced ranges from A..F only. My PHP skill is quite limited to change that to A..Z so if ppl here have any experience with that class, appreciate your thoughts. TIA. HN CAPTCHA: http://www.phpclasses.org/browse/package/1569.html --roger --- Sign Up for free Email at http://ureg.home.net.my/ --- How about sending us the code so that we can have a look? If not we have to register there... Cheers, J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Routing downloads through PHP
Hi, I'm currently learning PHP, and I'd like to put it into practice to help me learn. I want to make a download script so that if the value of a certain variable is '1', the first download is selected, if it's '2', the second is selected, and so on... But, all the time, the download source's URI is not revealed. As I was saying, I have a vague idea of how to do it - but I know it's wrong. With the help of some others, I've managed to come up with this: |--- ||?php if(!empty($_GET['file_id'])) { switch ($_GET['file_id']) { case 0: echo Please specify a file ID; case 1: header(Location: ./hidden--files/downloadme.zip); break; case 2: header(Location: ./hidden--files/downloadmetoo.zip); break; default: echo No file found with that id; } exit(); } else { echo Please specify a file ID; } ?| |---| | |However, this doesn't work. What I want is something like: when I access the URL http://example.com/download.php?file_id=1 , a download of http://example.com/hidden--files/downloadme.zip http://example.com/hidden--files/download1.zip will come up but without displaying where the file is. How can I do this? Thanks, J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
Hi, Thanks for replying. Here's the code I put into download.php: - ? $fileid = $_GET['file_id']; $filearray = array( a0=data/download1.zip, a1=data/download2.zip); $location = $filearray['a'.$fileid]; if($location!='') { header(LOCATION: $location); } ? But when I send it: http://example.com/download.php?file_id=0 , I get the following error- Warning: Cannot modify header information - headers already sent by (output started at /public_html/download.php:6) in /public_html/download.php on line 18 Any idea what's going wrong? Thanks, J_K9 Russell Jones wrote: ? $fileid = $_GET['file_id']; $filearray = array( a0=filename.zip, a1=filename2.zip, a2=filename3.zip); $location = $filearray['a'.$fileid]; if($location!='') { header(LOCATION: $location); } ? ? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Routing downloads through PHP
(Reply beneath quotes) Richard Lynch wrote: On Tue, February 14, 2006 3:41 pm, J_K9 wrote: ? $fileid = $_GET['file_id']; $filearray = array( a0=data/download1.zip, a1=data/download2.zip); $location = $filearray['a'.$fileid]; if($location!='') { header(LOCATION: $location); } ? But when I send it: http://example.com/download.php?file_id=0 , I get the following error- Warning: Cannot modify header information - headers already sent by (output started at /public_html/download.php:6) in /public_html/download.php on line 18 Any idea what's going wrong? Line 6 was printing something out, or has an error message being printed. The other wrong thing is that you should use Location: and not LOCATION: (the capitalization is, I think, actually significant, at least in practice) Line 6 was the beginning of the PHP script: ?php. I have also changed the LOCATION references to Location, but that has not fixed the error (although as you said, I might as well get into good habits now ;) And, finally, if you don't want people to know where the files are, then sending a Location: header is the wrong way to go. They'll possibly end up bookmarking the result URL, which will bypass your URL that is supposed to be hiding the location in the first place. You would want to do something like: readfile($filearray['a' . $_REQUEST['file_id']]); Using the readfile function, I got an even more confusing error. Isn't readfile() just piping the file to stdout? Because with this code - ?php $filearray = array( a0=data/download1.zip, a1=data/download2.zip); readfile($filearray['a' . $_REQUEST['file_id']]); ? - I get a series of random extended ASCII characters. Oh, the error message on line 6 is probably about using an un-initialized variable $fileid, since it's really $file_id. And you should have turned off register_globals, so it's really really $_REQUEST['file_id'] or $_GET['file_id'] if you insist on separating GET and POST parameters, though I've never quite understood why some insist on doing that, since they are equally open to attack... In particular, the reason you really really really want register_globals OFF is that somebody could do this: http://example.com/download.php?filearray[a3]=/etc/passwdfile_id=3 [*] Ah,I now see why register_globals should be turned off. I have read about disabling it (it is currently enabled) either from within a .htaccess file (although I'm not sure where) or by changing a line in php.ini. As I am running a LAMP server and have not had too much experience with PHP before, could you please tell me how I can disable them? I've also got magic_quotes_gpc on, although I haven't had the time to check why that's a risk. Where have I used register_globals anyway, just so that I can avoid using them in the future? :) Thanks for your help - and I hope we eventually find a way of making this work ;) J_K9 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php