[SOLVED] 404 Not found when open a file in new window

[kristo5747]

Greetings!

I am newbie with PHP who's trying to build his first app. It is a simple form based app to search for files on a server.

 

I want my user to enter a suffix for the file to look for and click the name of the matching to open it in a new window.

 

This is the source code:

<html>
    <head>
        <title></title>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
    </head>
    <body>
        <form action="search.php" method="post">        
            file suffix to search: <input type="text" name="filesearch" />        
            <input type="submit" />
        </form>
    </body>

This is the code for the search:

<?php
$mysearch = $_POST['filesearch'];
$mydir = "/vendors/logfiles/PASS";

$dir = opendir($mydir);

if ($dir ) {
    //List files in directory
    while (($file = readdir($dir)) !== false)
    //Ignores OS stuff.
    if ($file != "." && $file != "..") {
        if (preg_match('/.'.$mysearch. '$/', $file)) {
    //Creates hyperlink to open file in new windows upon selection.
            echo '<a href="' .  $mydir . '/' . $file
            . '"  target="_blank">' . $file . "</a><br>";
        }
    }
    closedir($dir);
} else { echo "opendir() returned FALSE!<br>";
    exit;}
?>

The script works but the problem is that the hyperlink I create is wrong ; Obviously I get a "404 not found" error when I click it.

 

Instead of my URL being "/vendors/logfiles/PASS/B0232134_2009_05_01.PASS", I get "http://localhost/vendors/logfiles/PASS/B0232134_2009_05_01.PASS".

 

How can I correct this? Can someone please help?

 

Thanks.

 

Al.

[MadTechie]

Instead of my URL being "/vendors/logfiles/PASS/B0232134_2009_05_01.PASS", I get "http://localhost/vendors/logfiles/PASS/B0232134_2009_05_01.PASS".

 

Erm..

/vendors/logfiles/PASS/B0232134_2009_05_01.PASS

isn't a valid URL,, thus you get the protocal http and the domain (being the one your on)

 

So what are you trying to correct?..

What is the correct URL of the file ?

[kristo5747]

I want to correct the url to the file in the browser.

 

The server is able to find the file ("/vendors/logfiles/PASS/B0232134_2009_05_01.PASS" : valid path)

but not the browser ("http://localhost/vendors/logfiles...: invalid path on my server).

 

Basically, I want a remote user to connect to my server (http://somename/ MyApp/), enter a keyword in a form and get a list of files from a pre-determined directory (/vendors/logfiles...) matching that keyword (I got that part working).

 

Then, the remote user can click a (text) file and open it in a new browser window.

 

Am I talking  crazy or can this be done? Can you please share a few pointers? Thank you.

[MadTechie]

Okay,

if i had a file on my webserver and the file path was

 

c:\webserver\wwwroot\example\myfile.txt the URL wouldn't be c:/webserver/wwwroot/example/myfile.txt assuming my webserver pointed to wwwroot the top level of the webserver would be c:\webserver\wwwroot\ BUT the webserver would see it as root so the same as /

 

now with that in-mind

you need to workout the relational path from the script your in to the file you want to get..

 

ie

/myscript.php

/example/myfile.txt

 

Now the file is infact stored c:/webserver/wwwroot/example/myfile.txt BUT the web root is c:/webserver/wwwroot to my URL is /example/myfile.txt

 

does that make sense?

 

Now when your script runs it has file access which means it can use the full path c:/webserver/wwwroot/example/myfile.txt but thats for the script only.. a web user would need to use http://www.domain.com/example/myfile.txt

[kristo5747]

I followed your suggestion and it worked!! I had to figure out the correct path and all went well.

 

The question now is "is this approach secure?".

 

Thanks for your help!

 

Al.

[MadTechie]

Okay lets look back

 

now everything in c:\webserver\wwwroot\ is published on the web but remember that users can't access files below the wwwroot level BUT scripts can.. so while a script can access c:\webserver\secure\ theirs no URL to it

So if you created a script called viewprivate.php and put that in c:\webserver\wwwroot\ its accessable, now if that script did this

<?php
echo file_get_contents('c:\webserver\secure\private.txt');
?>

its infact displaying something from a folders that not public, thus it MUST be accessed via the script..

 

Now if you added a login or session check this could be used to allow selected users access private files

 

i hope that makes sense

[kristo5747]

I think you are explaining make sense. I need to code more to get more experience.

 

What I did is create a symbolic link (like a shortcut with MS Windows, I guess) under the directory where my script is located:

 

<?php
$mydir =  $_SERVER['DOCUMENT_ROOT']."/MyApp/vendors/logfiles/PASS";
$mysearch = $_POST['filesearch'];

$dir = opendir($mydir);

if ($dir ) {
    //List files in directory
    while (($file = readdir($dir)) !== false)
    //Ignores OS stuff.
    if ($file != "." && $file != "..") {
        if (preg_match('/.'.$mysearch. '$/', $file)) {
            echo '<a href="' .   basename($mydir) . '/' . $file
            . '"  target="_blank">' . $file . "</a><br>";
        }
    }
    closedir($dir);
} else { echo "opendir() returned FALSE!<br>";
    exit;
}
?>

 

It works for both local user (i.e. me on localhost) and remote users pointing their browsers to http://<some_ip_address>/MyApp.

 

Thanks again.