如何在URL中传递php的位置?

时间:2014-06-19 05:15:41

标签: php

我有大量文件,每个文件中有多个id。例如file1.php包含许多段落,每个段落都有一个唯一的id。 (id =" 1",id =" 2",id =" 3" etc ...)我希望能够创建指向页面的链接(页面A.php)并在链接的url中传递其中一个id的位置以显示在页面A.php上的php include中我想要的结果是拥有整个文件(file1.php)显示在页面A.php内部,其中突出显示了在URL中传递的特定ID。这可能吗?或者我需要使用Java Script和iframe吗?

以下是我最终的结果:

The url: http://mydomain/thispage.php?xul=http://mydomain.com/folder1/folder2/file.php&id=Abc150:176

代码:

Stylesheet .vrsehilite{styling}

<script type="text/javascript">var x = <?php echo json_encode($_GET["id"]); ?>;</script>

<?php

$invdmn = "<h2>Error: Invalid Domain</h2>";
$filnf = "<h2>Error: File Not Found</h2>";
$pthinv = "<h2>Error: The Path is invalid</h2>";
$idinv = "<h2>Error: The ID is invalid</h2>";
$oops = "<br/><h2>Oops! Something went wrong.<br/><br/>Please click the back button or use the menu to go to a new page.</h2>";
$testdomain = substr_compare ($_GET['xul'],"http://mydomain.com",0,20,FALSE); //make sure the domain name is correct

if ($testdomain == 0) {
  $flurl = $_GET['xul'];
} else {
  echo $invdmn . " " . $oops;
}

$flurl_headers = @get_headers ($flurl);

if ($flurl_headers[0] == 'HTTP/1.1 404 Not Found') {
  echo $filnf . " " . $oops;  //Make sure the file exist
} else {
  $surl = str_replace (".com/",".com/s/",$flurl);
} //add some characters to url at point to explode

list($url1, $path) = explode ("/s/",$surl); //explode into array of 2 [0]url to domain [1] path
$testpath = substr_compare ($path,"file1/file2/",0,10,FALSE); //make sure the path is correct

if ($testpath == "0") {
  $aid = preg_match ("/^[A-Z][a-z]{2}(?:[1-9][0-9]?|1[0-4][0-9]|150):(?:[1-9][0-9]?|1[0-6][0-9]|17[0-6])$/", $_GET['id']);
} else {    //make sure the id is valid
   echo $pthinv . " " . $oops;
} 

if ($aid == 1) {
  include($path); 
  echo "<script type='text/javascript'>";
  echo "document.getElementById(x).className = 'vrsehilite';";
  echo "document.getElementById(x).scrollIntoView();";
  echo "window.scrollBy(0,-100);";
  echo "</script>";
} else {
  echo $idinv . " " . $oops;
}

?>

1 个答案:

答案 0 :(得分:2)

从未 include用户提交的任意文件。相反,您应该只有include来自预先定义的您的选项的文件。也许是这样的:

PHP

$files = array ('file1.php', 'file2.php', 'view.php', 'edit.php');
$id = (int)$_GET['id'];

if (isset ($files[$id])) {
  include $files[$id];
} else {
   /* Error */
}

或者你可以使用正则表达式只接受某些文件名,在这种情况下是一个或多个小写字母后跟0或更多位数。

$m = array ();

if (   preg_match ('#^http://domain.example/folder1/folder2/([a-z]+[0-9]*\\.php)$#', $m)
    && file_exists ($m[1])) {
  include $m[1];
} else {
  /* Page not found */
}

您可能想要检查包含的返回值。您可能还希望将文件夹移动到子模式(...)或使用正则表达式作为文件夹名称。


如果您只需要突出显示某个页面中的某个段落,则应该将段fragment添加到段落的id中,然后添加CSS以对其进行样式设置。例如:

URL

http://domain.example?id=1#p1

HTML

<p id=p1>This is the target paragraph.

CSS

p:target { /* Style the targeted <p> element */ }