If url(s) = XXXX, then execute script, else blank

[Graxeon]

I want to know how to setup a file that will do this:

 

User request: http://www.domain.com/file.php?v=http://www.google.com/search?hl=en&q=php

 

"file.php" checks to see if the google URL is on a list of "allowed" user requests (maybe a "IF url = http://www.google.com/search?hl=en&q=php, then execute a script, otherwise...send a blank page).

 

Ok...so if the URL is in the "list" then a script would be executed:

 

(this is an example script...I have many PHP files that use different scripts for different requests)

 

<?php

header("Location: ".str_replace("v=", "", $_SERVER['QUERY_STRING'])."+help");

?>

 

But if the URL is not in the "list" then nothing is executed. The user isn't redirected anywhere...a blank page comes up.

 

I can't do this with MySQL so I need to find out how to do this within "file.php"

[ngreenwood6]

can you explain why you cannot do this in mysql. If you could just insert the allowed urls in the database it would make your script run alot smoother and faster. It would also be easier to add allowed urls in the future.

[Graxeon]

I don't have access to it.

 

I know it would be a much better method but I can't

 

So yeah...can you help me with setting it up in "file.php" ?

[ngreenwood6]

Well i am no expert but you would have to set up a list of allowed urls and then check them against the url that is passed. for example:

 

the url i am going to use will be http://www.mysite.com/index.php?url=http://www.google.com

\\set the allowed url
$allowed_url = "http://www.google.com";

\\get the url from the url - lol
$passed_url = $_GET['url']; \\this would be  http://www.google.com

\\make an if statement to check
if($passed_url == $allowed_url)
{
allow
}
else
{
dont allow
}

 

Thats just a basic example but hopefully it makes sense to you. You would probably have to put the allowed urls in an array or you could save them in an external text file and search through it when you are checking against the passed url.

[Graxeon]

Cool ^-^

 

Could you do 1 favor for me, though? Can you show me how I can make multiple "$allowed_url" and "$passed_url"? I'm a total newbie xD

[ngreenwood6]

i do not know why you would want to make more than 1 $passed_url. that would be what you see at then end of the url and the one you that they picked or whatever. I am not that good at making arrays but you could do something like this for the $allowed_url:

 

$allowed_url = Array("http://www.google.com","http://yahoo.com")

echo $allowed_url[1]; \\that would be google

 

You may want to look into arrays a little bit more as well as the $_GET method. the $_GET takes what is at the end of the url in the browser.

[Graxeon]

Arg...sorry about the past url thing >.<

 

Ok...well I set up the page (btw...the backwards slash \ marks are giving errors so I changed them to /) like this:

 

The first one (no array) always sent me to "else" even though the request was: http://domain.com/file.php?url=http://www.google.com/search?hl=en&q=php

<?php
//set the allowed url
$allowed_url = "http://www.google.com/search?hl=en&q=php";

//get the url from the url - lol
$passed_url = $_GET['url=']; //this would be  http://www.google.com

//make an if statement to check
if($passed_url == $allowed_url)
{
header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+help");
}
else
{
header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+nohelp");
}
?>

 

I don't know if I set this up correctly...but it gave an error on the line where "echo" is.

<?php
$allowed_url = Array("http://www.google.com/search?hl=en&q=php","http://yahoo.com")

echo $allowed_url[1]; //that would be google

//get the url from the url - lol
$passed_url = $_GET['url=']; //this would be  http://www.google.com

//make an if statement to check
if($passed_url == $allowed_url)
{
header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+help");
}
else
{
header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+nohelp");
}
?>

[ngreenwood6]

the first one you do not need the = next the url like this:

 

<?php
//set the allowed url
$allowed_url = "http://www.google.com/search?hl=en&q=php";

//get the url from the url - lol
$passed_url = $_GET['url']; //this would be  http://www.google.com

//make an if statement to check
if($passed_url == $allowed_url)
{
header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+help");
}
else
{
header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+nohelp");
}
?>

 

as for the second one same as the first and the "A" in "Array should be lowercase like so "array"(that was my mistake):

 

<?php
$allowed_url = array("http://www.google.com/search?hl=en&q=php","http://yahoo.com")

echo $allowed_url[1]; //that would be google

//get the url from the url - lol
$passed_url = $_GET['url']; //this would be  http://www.google.com

//make an if statement to check
if($passed_url == $allowed_url)
{
header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+help");
}
else
{
header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+nohelp");
}
?>

 

oh and just so you know array's start with 0 so array 1 will give you the second one array 0 will give you the first $allowed_url[0].

[Graxeon]

Neither works

 

First one sends me to php+nohelp: http://fr33.ulmb.com/gr/google.php?url=http://www.google.com/search?hl=en&q=php

 

And the second one: http://fr33.ulmb.com/gr/google2.php?url=http://www.google.com/search?hl=en&q=php

 

Error on line 4 (echo). I tried changing the "$allowed_url[1]" to "$allowed_url[0]" but neither worked.

[premiso]

Here we go loopty loo!

 

<?php
$allowed_url = array("http://www.google.com/search?hl=en&q=php","http://yahoo.com")

echo $allowed_url[1]; // Actually this would be yahoo, arrays are 0-index based.

//get the url from the url - lol
$passed_url = $_GET['url']; //this would be  http://www.google.com

foreach ($allowed_url as $allowed) {
     if(stristr($allowed, $passed_url) !== false) {
           header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+help");
           exit;
     }
}

header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+nohelp");
?>

 

That should work.

[Graxeon]

It keeps throwing back an error on "echo"

 

What exactly is this line doing?

 

echo $allowed_url[1];

[premiso]

Bah sorry man.

 

<?php
$allowed_url = array("http://www.google.com/search?hl=en&q=php","http://yahoo.com")

//get the url from the url - lol
$passed_url = $_GET['url']; //this would be  http://www.google.com

foreach ($allowed_url as $allowed) {
     if(stristr($allowed, $passed_url) !== false) {
           header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+help");
           exit;
     }
}

header("Location: ".str_replace("url=", "", $_SERVER['QUERY_STRING'])."+nohelp");
?>

 

Removed the dang echo, if anything is outputted to the screen before a header call, then the call does not work.

[Graxeon]

*scratches head*

 

I got this with the new "no echo" code:

 

Parse error: syntax error, unexpected T_VARIABLE in google3.php on line 5

 

Here's the test page: http://fr33.ulmb.com/gr/google3.php?url=http://www.google.com/search?hl=en&q=php

[premiso]

$allowed_url = array("http://www.google.com/search?hl=en&q=php","http://yahoo.com")

 

Should be

 

$allowed_url = array("http://www.google.com/search?hl=en&q=php","http://yahoo.com");

 

Missed the semi-colon.