PHP Tutorial: Basic Template System [part 02]
Uploader Comments (betterphp)
All Comments (14)
-
Ignore it, I had put in an extra semicolon and didn't notice it.
-
@fatmouth100 Well, you have a redirect loop, so are you sure that your $_GET variable has the right name? Both in the htaccess file and the PHP script.
-
}else{
$include_file = "{$core_path}/pages/home.page.inc.php"; } says problem loading page
and the error msg says
The page isn't redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
This problem can sometimes be caused by disabling or refusing to accept cookies.
-
@betterphp this is the code I have, and as far as I can see it's exactly the same as yours from the video:
if (empty($_GET['page']));{
    header('Location: home');
    die();
}
$core_path = dirname(__FILE__);
$pages = scandir("{$core_path}/pages");
unset($pages[0], $pages[1]);
foreach($pages as &$page){
    $page = substr($page, 0, strpos($page, '.'));
}
if (in_array($_GET['page'], $page)){
    $include_file = "{$core_path}/pages/".$_GET['path'].".page.inc.php";
-
@fatmouth100 Okay, well if you are getting a 404 error it means you have the URL wrong :? Have you got to the part with the htaccess file yet? If not, try deleting any htaccess files in the folders above the current one.
-
Tired, it's been a long day. I should have copied and pasted "$pages = scandir("{$core_path}/pages");"
-
Tired, been a long day; it was meant to be scandir.
-
@fatmouth100 I doubt I used substr() like that, perhaps look more closely at that code.
-
Just following this tutorial and 2 things seem to be wrong, whether it's just me: where you have put $pages = substr("{$core_path}/page"); this doesn't seem to work in my setup. Also, I just get a 404 error when clicking on the folder with these files in, even though index.php is there. Is there anything in my php.ini that could be preventing this?
-
I like my method better :P - my template page just has a variable in the dynamic main part. Then in every page I just set that variable, then include the template.
Although your auto-updating menu is convenient O.o
This seems quite an awkward way of doing something simple...
Wouldn't this method be much easier? pastebin . com/3xKQvYLz
homemadejam2006 8 months ago
@homemadejam2006 file_exists is vulnerable to null byte attacks, if someone had enough time they could get the include line to include a log file and execute random php code.
betterphp 8 months ago
@betterphp After looking into the Null Byte Attack a little (As I'd never heard of that one until you mentioned it), I've done a bit of testing, and I can't see that my code provided is vulnerable to this attack.
Anything added to the url is added to a variable which is made up from "p/FILENAME.php", and then that is checked. So even if someone were to add some code, it would end up searching to see if the file "p/../../mypasswordfile.txt\0.php" exists. Which it doesn't right? Or am I confused?
homemadejam2006 7 months ago
@homemadejam2006 \0 marks the end of the string in C (the language that the php compiler is written in) so by adding a \0 at the end of $_GET['page'] the user can *chop off* the .php. This then allows them to include any file. If you want to talk about it more can you post on the forum as youtube comments are impossible.
betterphp 7 months ago
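
The null byte exchange above comes down to building the include path from request input. As an added example (not code from the video or from either commenter), this resolver only accepts a name that exactly matches a file found in the pages directory, so a value carrying `../` or a NUL byte never reaches `include`. The `*.page.inc.php` naming is taken from the comments; the function names and the sample directory are assumptions.

```php
<?php
// Added example; list_pages() and resolve_page() are hypothetical names.
const PAGE_SUFFIX = '.page.inc.php';

// Build the allow-list from files that actually exist in $pagesDir.
function list_pages(string $pagesDir): array
{
    $pages = [];
    foreach (scandir($pagesDir) ?: [] as $file) {
        if (substr($file, -strlen(PAGE_SUFFIX)) === PAGE_SUFFIX) {
            $pages[] = substr($file, 0, -strlen(PAGE_SUFFIX));
        }
    }
    return $pages;
}

// Return the file to include, or null when the request is not on the list.
function resolve_page(string $pagesDir, $requested): ?string
{
    // ?page[]=x arrives as an array; only a non-empty string is valid.
    if (!is_string($requested) || $requested === '') {
        return null;
    }
    // Belt and braces: a NUL byte can never be part of a real file name.
    if (strpos($requested, "\0") !== false) {
        return null;
    }
    // Strict, exact comparison against directory entries: "../x" cannot
    // match, because a directory entry never contains a slash.
    if (!in_array($requested, list_pages($pagesDir), true)) {
        return null;
    }
    return $pagesDir . '/' . $requested . PAGE_SUFFIX;
}

// Constructed sample data: a throwaway pages directory with two pages.
$dir = sys_get_temp_dir() . '/pages_demo_' . getmypid();
if (!is_dir($dir)) {
    mkdir($dir);
}
touch($dir . '/home' . PAGE_SUFFIX);
touch($dir . '/about' . PAGE_SUFFIX);

$samples = ['home', 'about', 'missing', '../../mypasswordfile.txt', "../../mypasswordfile.txt\0"];
foreach ($samples as $s) {
    $path = resolve_page($dir, $s);
    printf("%-34s => %s\n", json_encode($s, JSON_UNESCAPED_SLASHES),
        $path === null ? 'rejected' : 'include ' . basename($path));
}
```

Only `home` and `about` resolve to a file; the other three sample values are rejected before any path is built from them.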