我有大量文件,每个文件中有多个id。例如file1.php包含许多段落,每个段落都有一个唯一的id。 (id =" 1",id =" 2",id =" 3" etc ...)我希望能够创建指向页面的链接(页面A.php)并在链接的url中传递其中一个id的位置以显示在页面A.php上的php include中我想要的结果是拥有整个文件(file1.php)显示在页面A.php内部,其中突出显示了在URL中传递的特定ID。这可能吗?或者我需要使用Java Script和iframe吗?
以下是我最终的结果:
The url: http://mydomain/thispage.php?xul=http://mydomain.com/folder1/folder2/file.php&id=Abc150:176
代码:
Stylesheet .vrsehilite{styling}
<script type="text/javascript">var x = <?php echo json_encode($_GET["id"]); ?>;</script>
<?php
$invdmn = "<h2>Error: Invalid Domain</h2>";
$filnf = "<h2>Error: File Not Found</h2>";
$pthinv = "<h2>Error: The Path is invalid</h2>";
$idinv = "<h2>Error: The ID is invalid</h2>";
$oops = "<br/><h2>Oops! Something went wrong.<br/><br/>Please click the back button or use the menu to go to a new page.</h2>";
$testdomain = substr_compare ($_GET['xul'],"http://mydomain.com",0,20,FALSE); //make sure the domain name is correct
if ($testdomain == 0) {
$flurl = $_GET['xul'];
} else {
echo $invdmn . " " . $oops;
}
$flurl_headers = @get_headers ($flurl);
if ($flurl_headers[0] == 'HTTP/1.1 404 Not Found') {
echo $filnf . " " . $oops; //Make sure the file exist
} else {
$surl = str_replace (".com/",".com/s/",$flurl);
} //add some characters to url at point to explode
list($url1, $path) = explode ("/s/",$surl); //explode into array of 2 [0]url to domain [1] path
$testpath = substr_compare ($path,"file1/file2/",0,10,FALSE); //make sure the path is correct
if ($testpath == "0") {
$aid = preg_match ("/^[A-Z][a-z]{2}(?:[1-9][0-9]?|1[0-4][0-9]|150):(?:[1-9][0-9]?|1[0-6][0-9]|17[0-6])$/", $_GET['id']);
} else { //make sure the id is valid
echo $pthinv . " " . $oops;
}
if ($aid == 1) {
include($path);
echo "<script type='text/javascript'>";
echo "document.getElementById(x).className = 'vrsehilite';";
echo "document.getElementById(x).scrollIntoView();";
echo "window.scrollBy(0,-100);";
echo "</script>";
} else {
echo $idinv . " " . $oops;
}
?>
答案 0 :(得分:2)
从未 include
用户提交的任意文件。相反,您应该只有include
来自预先定义的您的选项的文件。也许是这样的:
$files = array ('file1.php', 'file2.php', 'view.php', 'edit.php');
$id = (int)$_GET['id'];
if (isset ($files[$id])) {
include $files[$id];
} else {
/* Error */
}
或者你可以使用正则表达式只接受某些文件名,在这种情况下是一个或多个小写字母后跟0或更多位数。
$m = array ();
if ( preg_match ('#^http://domain.example/folder1/folder2/([a-z]+[0-9]*\\.php)$#', $m)
&& file_exists ($m[1])) {
include $m[1];
} else {
/* Page not found */
}
您可能想要检查包含的返回值。您可能还希望将文件夹移动到子模式(...)
或使用正则表达式作为文件夹名称。
如果您只需要突出显示某个页面中的某个段落,则应该将段fragment
添加到段落的id
中,然后添加CSS以对其进行样式设置。例如:
http://domain.example?id=1#p1
<p id=p1>This is the target paragraph.
p:target { /* Style the targeted <p> element */ }