Skylight_lady Posted February 14, 2011 Share Posted February 14, 2011 Hi guys, i have a system and was asked to develop the site with the current system. These are sometimes a pain but it is an old system and i'm trying to change the url's which is seems to be hard to do with this kind of code. set_time_limit(60); include 'includes/config.php'; include 'includes/logfile.php'; include 'includes/databasefile.php'; include 'includes/templatefile.php'; $log = new cLog; $db = new cDatabase; //first run ssl check if necessary if ($_SERVER['SERVER_PORT'] == "80" && $sslredirect == 1) { header ("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME'] . "?" . $_SERVER['QUERY_STRING']); exit(0); } //first, determine page requested list ($junk, $request) = split ("\?/", $_SERVER['REQUEST_URI']); list ($uri, $data) = split ("!", $request); $uriarray = split ("/", $uri); //check for login/logout request list ($junk, $request) = split ("\?", $_SERVER['REQUEST_URI']); if ($request == 'login') { header ("Location: login.php"); exit(0); } else if ($request == 'logout') { header ("Location: logout.php"); exit(0); } if ($data != "") { //parse internal variables $dataarray = split ("&", $data); foreach ($dataarray as $line) { list ($cmd, $val) = split ("=", $line); $arr_cmds[$cmd] = urldecode ($val); } } $pagename = $db->escape($uriarray[count($uriarray)-2]); $sectionname = $db->escape($uriarray[count($uriarray)-3]); if ($pagename == "") { $pagename = "home"; } if ($sectionname == "") { $sectionname = "home"; } $urlpagename = $pagename; $urlsectionname1 = $sectionname; $urlsectionname2 = $db->escape($uriarray[count($uriarray)-4]); //handle any commands, then redirect back to page $cmd = $_REQUEST['cmd']; if ($cmd == "-displayelement") { $elementid = $db->escape($_REQUEST['elementid']); if ($_REQUEST['surpresshtml'] == "") { echo "<html><head><link href='templates/css.css' rel='stylesheet' type='text/css'></head>\n"; } if ($_REQUEST['global'] == "1") { $query = $db->query("select ComponentName, Data from table_globalelements where (ElementID = '$elementid')"); } else { $query = $db->query("select ComponentName, Data from table_elements where (ElementID = '$elementid')"); } $r = $db->fetch_array($query); $currentcomponentname = $r['ComponentName']; $data = stripslashes($r['Data']); //find matching component and launch display function $dir_handle = opendir("com/components/"); while ($file = readdir($dir_handle)) { $filenoext = str_replace (".php", "", $file); if ($filenoext == $currentcomponentname) { include "com/components/" . $file; echo call_user_func(array($currentcomponentname, 'display'), $data); break; } } if ($_REQUEST['surpresshtml'] == "") { echo "</body></html>\n"; } exit (0); } else if ($cmd == '-editelement') { $elementid = $db->escape($_REQUEST['elementid']); if (isset($_SESSION['UserID'])) { $query = $db->query("select UserID, AdminFlag from table_users where (UserID = '" . $_SESSION['UserID'] . "')"); $r = $db->fetch_array($query); $userid = $r['UserID']; $adminflag = $r['AdminFlag']; if ($adminflag != "1") { $query = $db->query ("select ComponentName, Data, PageID from table_elements where (ElementID = '$elementid' and UserID = '$userid')"); } else { $query = $db->query ("select ComponentName, Data, PageID from table_elements where (ElementID = '$elementid')"); } $r = $db->fetch_array($query); $currentcomponentname = $r['ComponentName']; $data = stripslashes($r['Data']); $pageid = $r['PageID']; //handle request $cmd = $_REQUEST['greyboxcmd']; if ($cmd == 'save') { $elementid = $db->escape($_REQUEST['ElementID']); $data = $db->escape($_REQUEST['Data']); //find matching component and launch save function $dir_handle = opendir("com/components/"); while ($file = readdir($dir_handle)) { $filenoext = str_replace (".php", "", $file); if ($filenoext == $currentcomponentname) {; include "com/components/" . $file; $data = call_user_func(array($currentcomponentname, 'save')); if ($adminflag != "1") { $query = $db->query("update table_elements set Data = '$data' where (ElementID = '$elementid' and UserID = '$userid')"); } else { $query = $db->query("update table_elements set Data = '$data' where (ElementID = '$elementid')"); } echo "<script type='text/javascript'>parent.location.reload(true); parent.GB_hide();</script>\n"; exit(0); } } echo "Error: component not found..."; } //find matching component and launch edit function echo "<html><head><link href='templates/css.css' rel='stylesheet' type='text/css'><script type='text/javascript' src='templates/openwysiwyg/wysiwyg.js'></script></head>\n"; echo "<body style='text-align: center;'><form name='Form0' enctype='multipart/form-data' method='post' action='" . $_SERVER['REQUEST_URI'] . "'>\n"; $dir_handle = opendir("com/components/"); while ($file = readdir($dir_handle)) { $filenoext = str_replace (".php", "", $file); if ($filenoext == $currentcomponentname) {; include "com/components/" . $file; echo call_user_func(array($currentcomponentname, 'edit'), $data); break; } } echo "<input type='hidden' name='ElementID' value='$elementid'><input type='submit' name='Save' value='Save' class='smallbutton'>\n"; echo "<input type='button' name='Cancel' value='Cancel' onclick='parent.GB_hide();' class='smallbutton'>\n"; echo "<input type='hidden' name='greyboxcmd' value='save'></form></body></html>\n"; exit (0); } else { echo "<script type='text/javascript'>parent.GB_hide();</script>\n"; exit (0); } } else if ($cmd == '-editglobalelement') { $elementid = $db->escape($_REQUEST['elementid']); if (isset($_SESSION['UserID'])) { $query = $db->query("select UserID, AdminFlag from table_users where (UserID = '" . $_SESSION['UserID'] . "')"); $r = $db->fetch_array($query); $userid = $r['UserID']; $adminflag = $r['AdminFlag']; if ($adminflag != "1") { echo "Security - Out of bounds"; exit(0); } $query = $db->query ("select ComponentName, Data from table_globalelements where (ElementID = '$elementid')"); $r = $db->fetch_array($query); $currentcomponentname = $r['ComponentName']; $data = stripslashes($r['Data']); //handle request $cmd = $_REQUEST['greyboxcmd']; if ($cmd == 'save') { $elementid = $db->escape($_REQUEST['ElementID']); $data = $db->escape($_REQUEST['Data']); //find matching component and launch save function $dir_handle = opendir("com/components/"); while ($file = readdir($dir_handle)) { $filenoext = str_replace (".php", "", $file); if ($filenoext == $currentcomponentname) {; include "com/components/" . $file; $data = call_user_func(array($currentcomponentname, 'save')); $query = $db->query("update table_globalelements set Data = '$data' where (ElementID = '$elementid')"); echo "<script type='text/javascript'>parent.location.reload(true); parent.GB_hide();</script>\n"; exit(0); } } echo "Error: component not found..."; } //find matching component and launch edit function echo "<html><head><link href='templates/css.css' rel='stylesheet' type='text/css'><script type='text/javascript' src='templates/openwysiwyg/wysiwyg.js'></script></head>\n"; echo "<body style='text-align: center;'><form name='Form0' enctype='multipart/form-data' method='post' action='" . $_SERVER['REQUEST_URI'] . "'>\n"; $dir_handle = opendir("com/components/"); while ($file = readdir($dir_handle)) { $filenoext = str_replace (".php", "", $file); if ($filenoext == $currentcomponentname) {; include "com/components/" . $file; echo call_user_func(array($currentcomponentname, 'edit'), $data); break; } } echo "<input type='hidden' name='ElementID' value='$elementid'><input type='submit' name='Save' value='Save' class='smallbutton'>\n"; echo "<input type='button' name='Cancel' value='Cancel' onclick='parent.GB_hide();' class='smallbutton'>\n"; echo "<input type='hidden' name='greyboxcmd' value='save'></form></body></html>\n"; exit (0); } else { echo "<script type='text/javascript'>parent.GB_hide();</script>\n"; exit (0); } } //lookup page details $query = $db->query("select p.PageID, p.PageTitle, p.SectionID, p.TemplateID, p.UserID, p.LastUpdate, p.SectionName, s.SectionTitle, s.GroupID, s.Protected, p.Keywords, p.PageName from table_pages as p left join table_sections as s on s.SectionName = p.SectionName where (p.PageName = '$pagename' and s.SectionName = '$sectionname') limit 1"); if (!$pagedetails = $db->fetch_array($query)) { echo "404"; exit(0); } //check for privileges section if ($pagedetails[8] != "" && $pagedetails[8] != "0") { $sectionname = stripslashes($pagedetails[6]); if (!isset($_SESSION['Username']) && !isset($_REQUEST['Username'])) { echo "This is a restricted area. Please login.<br/><br/>"; echo "<form action='index.php' method='get'>Username: <input type='text' name='Username'><br/>\n"; echo "Password: <input type='password' name='Password'><br/>\n"; echo "<input type='submit' name='Login' value='Login'></form><br/>\n"; exit; } else { $username = $db->escape ($_REQUEST['Username']); $password = $db->escape ($_REQUEST['Password']); if ($username == "") { $username = $db->escape ($_SESSION['Username']); } if ($password == "") { $password = $db->escape ($_SESSION['Password']); } $query = $db->query("select UserID, Password, RealName, Email, GroupID, AdminFlag from table_users where (Username = '$username')"); $r = $db->fetch_array($query); $dbpassword = $r['Password']; if ($password == $dbpassword) { $_SESSION['Username'] = $username; $_SESSION['UserID'] = $r['UserID']; $_SESSION['RealName'] = $r['RealName']; $_SESSION['Email'] = $r['Email']; $_SESSION['GroupID'] = $r['GroupID']; } } if ($_SESSION['GroupID'] != $pagedetails[8]) { echo "This is a restricted area. Please login.<br/><br/>"; echo "<form action='index.php' method='get'>Username: <input type='text' name='Username'><br/>\n"; echo "Password: <input type='password' name='Password'><br/>\n"; echo "<input type='submit' name='Login' value='Login'></form><br/>\n"; exit; } } else { //check login details if user appears to be already logged in if (isset($_SESSION['Username'])) { $username = $db->escape ($_SESSION['Username']); $password = $db->escape ($_SESSION['Password']); $query = $db->query("select UserID, Password, RealName, Email, GroupID, AdminFlag from table_users where (Username = '$username')"); $r = $db->fetch_array($query); $dbpassword = $r['Password']; if ($password == $dbpassword) { $_SESSION['Username'] = $username; $_SESSION['UserID'] = $r['UserID']; $_SESSION['RealName'] = $r['RealName']; $_SESSION['Email'] = $r['Email']; $_SESSION['GroupID'] = $r['GroupID']; } } } //load template $tplate = new cTemplate($pagedetails['TemplateID'], $pagedetails['PageID']); $tplate->loadtemplate(); //add logout button if (isset($_SESSION['UserID'])) { echo "<div align='center'><small><a href='index.php?logout'>logout</a></small></div>\n"; } //log request if (getenv(HTTP_X_FORWARDED_FOR)) { $ip = getenv(HTTP_X_FORWARDED_FOR); } else { $ip = getenv(REMOTE_ADDR); } $log->writelog("/$sectionname/$pagename", "Access"); In the includes/templatefile.php file the code is like: function parsetemplate($templatefile) { global $db, $pageid, $pagedetails, $fullbaseurl, $adminemail; //first, find internal metacodes $pagetitle = stripslashes($pagedetails[1]); $lastupdate = date('l dS \of F Y h:i:s A', $pagedetails[5]); $sectiontitle = stripslashes($pagedetails[7]); $sectionname = stripslashes($pagedetails[6]); $templatefile = str_replace ("!PAGETITLE!", $pagetitle, $templatefile); $templatefile = str_replace ("!ADMINEMAIL!", $adminemail, $templatefile); $templatefile = str_replace ("!REQUEST_DOCUMENTID!", $_REQUEST['DocumentID'], $templatefile); $templatefile = str_replace ("!SECTIONTITLE!", $sectiontitle, $templatefile); $templatefile = str_replace ("!LASTUPDATE!", $lastupdate, $templatefile); $templatefile = str_replace ("!URL!", $_SERVER['REQUEST_URI'], $templatefile); $templatefile = str_replace ("!FULLBASEURL!", $fullbaseurl, $templatefile); $templatefile = str_replace ("!KEYWORDS!", $pagedetails[10], $templatefile); if ($_SESSION['UserID'] != "") { $templatefile = str_replace ("!LOGINDETAILS!", "- You are logged in as " . $_SESSION['Username'], $templatefile); } else { $templatefile = str_replace ("!LOGINDETAILS!", "", $templatefile); } $templatefile = str_replace ("!SECTIONLINK!", $fullbaseurl . "?/" . $sectionname . "/Home/", $templatefile); What i am getting via the links are: http://www.mydomain.com/?/Shop/Home/ How do i get rid of the "?" mark and the "/Home/". The /Home/ is also stored in the Database. I have tried a number of solutions by getting rid of the "?" and "/Home/" but i get the 404 error as the code shows. Can you please help with this? Quote Link to comment Share on other sites More sharing options...
Skylight_lady Posted February 23, 2011 Author Share Posted February 23, 2011 Wow .... am suprised there is no help for this. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.