Jump to content

Help with changing URL's in PHP code.

Skylight_lady

By Skylight_lady
in PHP Coding Help

 Share

Recommended Posts

Skylight_lady Member

Skylight_lady

Posted
Posted

Hi guys, i have a system and was asked to develop the site with the current system. These are sometimes a pain but it is an old system and i'm trying to change the url's which is seems to be hard to do with this kind of code.

 

set_time_limit(60);

include 'includes/config.php';
include 'includes/logfile.php';
include 'includes/databasefile.php';
include 'includes/templatefile.php';
$log 	= new cLog;
$db 	= new cDatabase;


//first run ssl check if necessary
if ($_SERVER['SERVER_PORT'] == "80" && $sslredirect == 1) {
header ("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] . "?" . $_SERVER['QUERY_STRING']);
exit(0);
}


//first, determine page requested
list ($junk, $request) 	= split ("\?/", $_SERVER['REQUEST_URI']);
list ($uri, $data) 		= split ("!", $request);
$uriarray				= split ("/", $uri);

//check for login/logout request
list ($junk, $request) 	= split ("\?", $_SERVER['REQUEST_URI']);
if ($request == 'login') {
header ("Location: login.php");
exit(0);
} else if ($request == 'logout') {
header ("Location: logout.php");
exit(0);
}

if ($data != "") {
//parse internal variables
$dataarray = split ("&", $data);
foreach ($dataarray as $line) {
	list ($cmd, $val) = split ("=", $line);
	$arr_cmds[$cmd] = urldecode ($val);
}
}

$pagename 				= $db->escape($uriarray[count($uriarray)-2]);
$sectionname			= $db->escape($uriarray[count($uriarray)-3]);

if ($pagename == "") 	{ 	$pagename = "home"; }
if ($sectionname == "") { 	$sectionname = "home"; }

$urlpagename 			= $pagename;
$urlsectionname1 		= $sectionname;
$urlsectionname2 		= $db->escape($uriarray[count($uriarray)-4]);


//handle any commands, then redirect back to page
$cmd = $_REQUEST['cmd'];
if ($cmd == "-displayelement") {
$elementid = $db->escape($_REQUEST['elementid']);
if ($_REQUEST['surpresshtml'] == "") {
	echo "<html><head><link href='templates/css.css' rel='stylesheet' type='text/css'></head>\n";
		}
if ($_REQUEST['global'] == "1") {
	$query = $db->query("select ComponentName, Data from table_globalelements where (ElementID = '$elementid')");
} else {
	$query = $db->query("select ComponentName, Data from table_elements where (ElementID = '$elementid')");
}
$r = $db->fetch_array($query);
$currentcomponentname = $r['ComponentName'];
$data = stripslashes($r['Data']);

//find matching component and launch display function
$dir_handle = opendir("com/components/");
while ($file = readdir($dir_handle)) {
	$filenoext = str_replace (".php", "", $file);
	if ($filenoext == $currentcomponentname) {
		include "com/components/" . $file;
		echo call_user_func(array($currentcomponentname, 'display'), $data);
		break;
	}
}
if ($_REQUEST['surpresshtml'] == "") { echo "</body></html>\n"; }
exit (0);

} else if ($cmd == '-editelement') {
$elementid = $db->escape($_REQUEST['elementid']);

if (isset($_SESSION['UserID'])) {
	$query = $db->query("select UserID, AdminFlag from table_users where (UserID = '" . $_SESSION['UserID'] . "')");
	$r = $db->fetch_array($query);
	$userid = $r['UserID'];
	$adminflag = $r['AdminFlag'];

	if ($adminflag != "1") {
		$query = $db->query ("select ComponentName, Data, PageID from table_elements where (ElementID = '$elementid' and UserID = '$userid')");
	} else {
		$query = $db->query ("select ComponentName, Data, PageID from table_elements where (ElementID = '$elementid')");
	}
	$r = $db->fetch_array($query);
	$currentcomponentname = $r['ComponentName'];
	$data = stripslashes($r['Data']);
	$pageid = $r['PageID'];

	//handle request
	$cmd = $_REQUEST['greyboxcmd'];
	if ($cmd == 'save') {
		$elementid = $db->escape($_REQUEST['ElementID']);
		$data = $db->escape($_REQUEST['Data']);

		//find matching component and launch save function
		$dir_handle = opendir("com/components/");
		while ($file = readdir($dir_handle)) {
			$filenoext = str_replace (".php", "", $file);
			if ($filenoext == $currentcomponentname) {;
				include "com/components/" . $file;
				$data = call_user_func(array($currentcomponentname, 'save'));
				if ($adminflag != "1") {
					$query = $db->query("update table_elements set Data = '$data' where (ElementID = '$elementid' and UserID = '$userid')");
				} else {
					$query = $db->query("update table_elements set Data = '$data' where (ElementID = '$elementid')");
				}
				echo "<script type='text/javascript'>parent.location.reload(true); parent.GB_hide();</script>\n";
				exit(0);
			}
		}
		echo "Error: component not found...";
	}

	//find matching component and launch edit function
	echo "<html><head><link href='templates/css.css' rel='stylesheet' type='text/css'><script type='text/javascript' src='templates/openwysiwyg/wysiwyg.js'></script></head>\n";
	echo "<body style='text-align: center;'><form name='Form0' enctype='multipart/form-data' method='post' action='" . $_SERVER['REQUEST_URI'] . "'>\n";
	$dir_handle = opendir("com/components/");
	while ($file = readdir($dir_handle)) {
		$filenoext = str_replace (".php", "", $file);
		if ($filenoext == $currentcomponentname) {;
			include "com/components/" . $file;
			echo call_user_func(array($currentcomponentname, 'edit'), $data);
			break;
		}
	}
	echo "<input type='hidden' name='ElementID' value='$elementid'><input type='submit' name='Save' value='Save' class='smallbutton'>\n";
	echo "<input type='button' name='Cancel' value='Cancel' onclick='parent.GB_hide();' class='smallbutton'>\n";
	echo "<input type='hidden' name='greyboxcmd' value='save'></form></body></html>\n";
	exit (0);
} else {
	echo "<script type='text/javascript'>parent.GB_hide();</script>\n";
	exit (0);
}

} else if ($cmd == '-editglobalelement') {
$elementid = $db->escape($_REQUEST['elementid']);

if (isset($_SESSION['UserID'])) {
	$query = $db->query("select UserID, AdminFlag from table_users where (UserID = '" . $_SESSION['UserID'] . "')");
	$r = $db->fetch_array($query);
	$userid = $r['UserID'];
	$adminflag = $r['AdminFlag'];

	if ($adminflag != "1") {
		echo "Security - Out of bounds";
		exit(0);
	}
	$query = $db->query ("select ComponentName, Data from table_globalelements where (ElementID = '$elementid')");
	$r = $db->fetch_array($query);
	$currentcomponentname = $r['ComponentName'];
	$data = stripslashes($r['Data']);

	//handle request
	$cmd = $_REQUEST['greyboxcmd'];
	if ($cmd == 'save') {
		$elementid = $db->escape($_REQUEST['ElementID']);
		$data = $db->escape($_REQUEST['Data']);

		//find matching component and launch save function
		$dir_handle = opendir("com/components/");
		while ($file = readdir($dir_handle)) {
			$filenoext = str_replace (".php", "", $file);
			if ($filenoext == $currentcomponentname) {;
				include "com/components/" . $file;
				$data = call_user_func(array($currentcomponentname, 'save'));
				$query = $db->query("update table_globalelements set Data = '$data' where (ElementID = '$elementid')");
				echo "<script type='text/javascript'>parent.location.reload(true); parent.GB_hide();</script>\n";
				exit(0);
			}
		}
		echo "Error: component not found...";
	}

	//find matching component and launch edit function
	echo "<html><head><link href='templates/css.css' rel='stylesheet' type='text/css'><script type='text/javascript' src='templates/openwysiwyg/wysiwyg.js'></script></head>\n";
	echo "<body style='text-align: center;'><form name='Form0' enctype='multipart/form-data' method='post' action='" . $_SERVER['REQUEST_URI'] . "'>\n";
	$dir_handle = opendir("com/components/");
	while ($file = readdir($dir_handle)) {
		$filenoext = str_replace (".php", "", $file);
		if ($filenoext == $currentcomponentname) {;
			include "com/components/" . $file;
			echo call_user_func(array($currentcomponentname, 'edit'), $data);
			break;
		}
	}
	echo "<input type='hidden' name='ElementID' value='$elementid'><input type='submit' name='Save' value='Save' class='smallbutton'>\n";
	echo "<input type='button' name='Cancel' value='Cancel' onclick='parent.GB_hide();' class='smallbutton'>\n";
	echo "<input type='hidden' name='greyboxcmd' value='save'></form></body></html>\n";
	exit (0);
} else {
	echo "<script type='text/javascript'>parent.GB_hide();</script>\n";
	exit (0);
}
}

//lookup page details
$query = $db->query("select p.PageID, p.PageTitle, p.SectionID, p.TemplateID, p.UserID, p.LastUpdate, p.SectionName, s.SectionTitle, s.GroupID, s.Protected, p.Keywords, p.PageName from table_pages as p left join table_sections as s on s.SectionName = p.SectionName where (p.PageName = '$pagename' and s.SectionName = '$sectionname') limit 1");
if (!$pagedetails = $db->fetch_array($query)) {
echo "404";
exit(0);
}


//check for privileges section
if ($pagedetails[8] != "" && $pagedetails[8] != "0") {
$sectionname = stripslashes($pagedetails[6]);
if (!isset($_SESSION['Username']) && !isset($_REQUEST['Username'])) {
	echo "This is a restricted area. Please login.<br/><br/>";
	echo "<form action='index.php' method='get'>Username: <input type='text' name='Username'><br/>\n";
	echo "Password: <input type='password' name='Password'><br/>\n";
	echo "<input type='submit' name='Login' value='Login'></form><br/>\n";
	exit;
} else {
	$username = $db->escape ($_REQUEST['Username']);
	$password = $db->escape ($_REQUEST['Password']);
	if ($username == "") { $username = $db->escape ($_SESSION['Username']); }
	if ($password == "") { $password = $db->escape ($_SESSION['Password']); }

	$query = $db->query("select UserID, Password, RealName, Email, GroupID, AdminFlag from table_users where (Username = '$username')");
	$r = $db->fetch_array($query);
	$dbpassword = $r['Password'];
	if ($password == $dbpassword) {
		$_SESSION['Username'] 	= $username;
		$_SESSION['UserID'] 	= $r['UserID'];
		$_SESSION['RealName'] 	= $r['RealName'];
		$_SESSION['Email'] 		= $r['Email'];
		$_SESSION['GroupID'] 	= $r['GroupID'];
	}
}

if ($_SESSION['GroupID'] != $pagedetails[8]) {
	echo "This is a restricted area. Please login.<br/><br/>";
	echo "<form action='index.php' method='get'>Username: <input type='text' name='Username'><br/>\n";
	echo "Password: <input type='password' name='Password'><br/>\n";
	echo "<input type='submit' name='Login' value='Login'></form><br/>\n";
	exit;
}
} else {
//check login details if user appears to be already logged in
if (isset($_SESSION['Username'])) {
	$username = $db->escape ($_SESSION['Username']);
	$password = $db->escape ($_SESSION['Password']);

	$query = $db->query("select UserID, Password, RealName, Email, GroupID, AdminFlag from table_users where (Username = '$username')");
	$r = $db->fetch_array($query);
	$dbpassword = $r['Password'];
	if ($password == $dbpassword) {
		$_SESSION['Username'] = $username;
		$_SESSION['UserID'] = $r['UserID'];
		$_SESSION['RealName'] = $r['RealName'];
		$_SESSION['Email'] = $r['Email'];
		$_SESSION['GroupID'] = $r['GroupID'];
	}
}
}


//load template
$tplate = new cTemplate($pagedetails['TemplateID'], $pagedetails['PageID']);
$tplate->loadtemplate();


//add logout button
if (isset($_SESSION['UserID'])) {
echo "<div align='center'><small><a href='index.php?logout'>logout</a></small></div>\n";
}


//log request
if (getenv(HTTP_X_FORWARDED_FOR)) {
    $ip = getenv(HTTP_X_FORWARDED_FOR);
} else {
    $ip = getenv(REMOTE_ADDR);
}
$log->writelog("/$sectionname/$pagename", "Access");

 

In the includes/templatefile.php file the code is like:

function parsetemplate($templatefile) {
	global $db, $pageid, $pagedetails, $fullbaseurl, $adminemail;

	//first, find internal metacodes
	$pagetitle 		= stripslashes($pagedetails[1]);
	$lastupdate		= date('l dS \of F Y h:i:s A', $pagedetails[5]);
	$sectiontitle 	= stripslashes($pagedetails[7]);
	$sectionname	= stripslashes($pagedetails[6]);
	$templatefile 	= str_replace ("!PAGETITLE!", $pagetitle, $templatefile);
	$templatefile 	= str_replace ("!ADMINEMAIL!", $adminemail, $templatefile);
	$templatefile	= str_replace ("!REQUEST_DOCUMENTID!", $_REQUEST['DocumentID'], $templatefile);
	$templatefile 	= str_replace ("!SECTIONTITLE!", $sectiontitle, $templatefile);
	$templatefile 	= str_replace ("!LASTUPDATE!", $lastupdate, $templatefile);
	$templatefile	= str_replace ("!URL!", $_SERVER['REQUEST_URI'], $templatefile);
	$templatefile   = str_replace ("!FULLBASEURL!", $fullbaseurl, $templatefile);
	$templatefile   = str_replace ("!KEYWORDS!", $pagedetails[10], $templatefile);
	if ($_SESSION['UserID'] != "") {
		$templatefile	= str_replace ("!LOGINDETAILS!", "- You are logged in as " . $_SESSION['Username'], $templatefile);
	} else {
		$templatefile	= str_replace ("!LOGINDETAILS!", "", $templatefile);
	}
	$templatefile 	= str_replace ("!SECTIONLINK!", $fullbaseurl . "?/" . $sectionname . "/Home/", $templatefile);

 

What i am getting via the links are:

http://www.mydomain.com/?/Shop/Home/

 

How do i get rid of the "?" mark and the "/Home/". The /Home/ is also stored in the Database. I have tried a number of solutions by getting rid of the "?" and "/Home/" but i get the 404 error as the code shows.

Can you please help with this?

Link to comment
Share on other sites
  • 2 weeks later...
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.