Re: URL parsing, help

On 27 nov, 21:14, Jerry Stuckle <jstuck...@xxxxxxxxxxxxx> wrote:
Rhialto wrote:
On 27 nov, 20:26, trookat <troo...@xxxxxxxxxxxxx> wrote:
Rhialto wrote:
On 27 nov, 19:29, Rhialto <Rhia...@xxxxxxxxx> wrote:
On 27 nov, 19:05, Jerry Stuckle <jstuck...@xxxxxxxxxxxxx> wrote:
Rhialto wrote:
With a lot of search in Google I made it in JS but there is a part I'd
like to be in PHP and I can't find how to do it.
From a page that usually display in a frame I have this JS :
if (self == top) { top.location.href="/index.php?url=test.php"; }
Now you may have guessed what I'm trying to do, load the top page but
with the frame I passed in the URL
I successfully achieved my goal with JS but I think it would be nice
using PHP.
How can I extract only "test.php" from the URL so I can:
<?php echo "<iframe src=\'" + url + "'>" ?>
Thanks
Look at the $_GET superglobal.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstuck...@xxxxxxxxxxxxx
==================
Found it, thanks for the clue!
I'm no php expert and even if the next line works, maybe someone can
optimize it?
<iframe src="<?php if ($_GET["url"] == "") { echo "default.php"; }
else { echo $_GET["url"]; } ?>"></iframe>
What you have is fairly optimized however it is not secure. people could
  use this to load url's that you are not wanting.

I've come to this mostly to avoid someone (or search engine) to link
directly to the frame, bypassing the top page.

What I suggest is something like
<?php
// if url is set assign $url the url else set it to default
$url = isset($_GET['url']) ? $_GET['url'] : 'default.php';

$ok_url="default.php"; // set default ok_url
switch ($url)
{
  case 'first.php' : $ok_url="first.php";break;
  case 'second.php' :$ok_url="second.php";break;
  case 'third.php' :$ok_url="third.php";break;
}

I understand the 1st part but why the switch?
What if I replace my previous code with only

$url = isset($_GET['url']) ? $_GET['url'] : 'default.php'; echo
'<iframe src="'.$url.'"></iframe>';

Thanks for your input, I'm still learning.

As trookat says, it's for security - you must have one of those values.
  Otherwise, anyone could put anything in there - potentially displaying
things you don't want displayed.

Never trust anything which comes from the user.

--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstuck...@xxxxxxxxxxxxx
==================

Ok I think I just got it now, sorry I was slow. The switch only make
possible the pages I want to be available... nice!
.

Relevant Pages

  • Re: New to "complex" html but this *should* be easy...?
    ... On loding the frameset, FrameA contains the form, and FrameB is blank. ... and the PHP page it is sent to display the results in FrameB. ... all to work in the same frame, but that's not the effect I'm aiming for. ...
    (alt.html)
  • Re: URL parsing, help
    ... like to be in PHP and I can't find how to do it. ... From a page that usually display in a frame I have this JS: ... JDS Computer Training Corp. ...
    (comp.lang.php)
  • Re: URL parsing, help
    ... like to be in PHP and I can't find how to do it. ... From a page that usually display in a frame I have this JS: ... use this to load url's that you are not wanting. ... I understand the 1st part but why the switch? ...
    (comp.lang.php)
  • Rookie Question About Include
    ... php). ... I also have a phpBB board which I would like to load inside my frame. ... I used the baseref because otherwise the images wouldn't display. ... an horizontal bar appears in the frame and I have sort of no control ...
    (alt.php)
  • PHP Image String function
    ... My understanding of the image string function is this, ... The colour to display the string in. ... My Question is can the "string to be printed' be used as an to a frame, ... put the primary key to a mysql table in what is passed into the php frame I ...
    (alt.php)