Search the Community

Hello folks, I am trying to create a script that will check the current domain, compare it with an array of domains that are stored externally in domains.php. If we have a match, great. If not, show an error. I am using CURL because of the vulnerabilities used using allow_url_include() so don't want to use that. Here is domains.php <?php // domains.php // Prevent direct access if (basename($_SERVER['PHP_SELF']) === basename(__FILE__)) { die('Access denied.'); } // Array of allowed domain names $domains_content = [ 'test1.com', 'test.com', 'mywebsite.org' ]; ?> Here is the function for checking: // This script checks if the current domain is in the allowed domains list. // Function to fetch the external PHP file using CURL function fetchDomains($url) { $ch = curl_init($url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); if (curl_errno($ch)) { throw new Exception('CURL Error: ' . curl_error($ch)); } curl_close($ch); return $response; } try { // URL of the external PHP file $url = 'https://www.domain/domains.php'; // Replace with the actual URL // Fetch the domains $domains_content = fetchDomains($url); // Evaluate the fetched content to get the array eval('?>' . $domains_content); // Get the current domain $current_domain = $_SERVER['HTTP_HOST']; // Check if the current domain is in the allowed domains if (!in_array($current_domain, $domains_content)) { throw new Exception('Error: The current domain "' . $current_domain . '" is not allowed.'); } echo 'Domain check passed. Current domain: ' . $current_domain; } catch (Exception $e) { // Handle exceptions and display error message echo 'An error occurred: ' . $e->getMessage(); } I haven't included the actual domain I am checking for privacy reasons but you get the drift. Here is the error I am getting: [24-Oct-2024 00:04:58 Australia/Melbourne] PHP Warning: in_array() expects parameter 2 to be array, string given in includes/header.php on line 85 Here is that line: if (!in_array($current_domain, $domains_content)) { throw new Exception('Error: The current domain "' . $current_domain . '" is not allowed.'); } If anyone can help resolve this I would appreciate it. The domain the script is hosted on is actually listed in the array.

Hi, I want to make a functionality similar to google's did you mean as anytime user searches for wrong word that is misspelled word then I need to correct it or suggest a word similar to the searched word. Please suggest asap.