Craznal Posted September 17, 2009 Share Posted September 17, 2009 Hello freaks! This is my first post here, hope i can contribute to some parts here by time. Anyways, i was wondering, how can i create an application that translates: /url.php?http://www.google.com to render an framed webpage with a top bar displaying an ad for example, and the lower portion acctually displaying the URL (witch is gained from the URL) Is this possible? I guess the IFRAME SRC would need code like =&URL ? sry im tha n00b )) Quote Link to comment Share on other sites More sharing options...
waynew Posted September 17, 2009 Share Posted September 17, 2009 Example: <?php $url = htmlentities($_GET['url'],ENT_QUOTES,"utf-8"); ?> <iframe src="<?php echo $url; ?>"></iframe> Quote Link to comment Share on other sites More sharing options...
Craznal Posted September 17, 2009 Author Share Posted September 17, 2009 Hey! Thanks a lot! I can understand whats happening, and when i try sample.php?url=google.com i get the iframe saying /google.com is not found (404) so, i tried sample.php?url=http://www.google.com and get: Forbidden You don't have permission to access /sample.php on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request. Any ideas? THANKS so far!! Quote Link to comment Share on other sites More sharing options...
Craznal Posted September 18, 2009 Author Share Posted September 18, 2009 i still cant seem to figure this one out... any manuals i can read about the spesific topic ? Quote Link to comment Share on other sites More sharing options...
Craznal Posted September 19, 2009 Author Share Posted September 19, 2009 anyone? Quote Link to comment Share on other sites More sharing options...
l4nc3r Posted September 19, 2009 Share Posted September 19, 2009 Well, I'm guessing the 404 has something to do with the entire Google URL in the GET vars. There are a few ways you can solve this. One way is to append "http://" to all of the urls you get in before you put them in to the iframe. Like: <iframe src="<?php echo 'http://'.$_GET['url']; ?>"></iframe> where $_GET['url'] would be something like "www.google.com". Another way, which I recommend, would be to encode all of the URLs before you put them into the URL and then decode them on the receiving page. So the first page would look like: <?php $url = urlencode('http://www.google.com/'); header('Location: http://www.mywebsite.com/sample.php?url='.$url); ?> And the second page would look like: <?php $url = urldecode($_GET['url']); ?> <iframe src="<?php echo $url; ?>"></iframe> Quote Link to comment Share on other sites More sharing options...
Craznal Posted September 19, 2009 Author Share Posted September 19, 2009 Thanks l4nc3r !! Solution #1 works best for me as theese would be 1000`s of urls. So the sample.php page would have Google Analytics code in it. So im thinking, is this a security risk by any means? Would an attacker be able to use sample.php?url= obtain access to my root files? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.