Jump to content

Is there a way to redirect bad requests to a 404 page?

healthbasics

By healthbasics
in PHP Coding Help

 Share

Recommended Posts

healthbasics Newbie

healthbasics

Posted
Posted

http://mysite.com/[garbage]

http://mysite.com/[garbage].html

http://mysite.com/[garbage]/[garbage]

 

All redirect to my 404 page no problem.  I did this with an .htaccess redirect. 

 

However, requests like http://mysite.com/index.php?page=[garbage] produces a completely blank page.  Is there anyway i can redirect to something when the page doesn't exist?

Mchl Regular Member

Mchl

Posted
Posted

I assume, that on your application you check if $_GET['page'] variable is something meaningful (e.g. there's some content related to it in database), or it's just garbage. If it's garbage, use header() to redirect.

 

Example with MySQL:

<?php
$page = mysql_real_escape_string($_GET['page']);  //make sure nothing harmful get's injected into query
$sql = "SELECT ... FROM pages WHERE page = '$page'";
$result = mysql_query($sql);
if(mysql_num_rows($result) == 0) { //check if any rows got returned
  //redirect to 404
} else {
  //display data
}

TOA Member

TOA

Posted
Posted

I read that and I see that you can use this function for this but where exactly would put what exact code to redirect to .\php\not_found.php for example?

 

I am not really all that experienced with this, sorry.

 

php.net/manual/en/function.header.php

 

So it would be

header("location: .\php\not_found.php");

 

You can also do a timed redirect like this

header("refresh:5; url='.\php\not_found.php'");

healthbasics Newbie

healthbasics

Posted
  • Author
Posted

I assume, that on your application you check if $_GET['page'] variable is something meaningful (e.g. there's some content related to it in database), or it's just garbage. If it's garbage, use header() to redirect.

 

Example with MySQL:

<?php
$page = mysql_real_escape_string($_GET['page']);  //make sure nothing harmful get's injected into query
$sql = "SELECT ... FROM pages WHERE page = '$page'";
$result = mysql_query($sql);
if(mysql_num_rows($result) == 0) { //check if any rows got returned
  //redirect to 404
} else {
  //display data
}

 

I don't have my sql and there is no implementation for checking or anything in place.  That's what I'm trying to do now.  I was trying to prevent people that send a bad request (for example if the site changes and there are latent search engine links) from simply getting a completely blank white page.

 

Is there an easy way to do this?

 

@DevilsAdvocate - I read that but it doesn't really make clear to me what I have to put where to accomplish what I'm trying to do.

TOA Member

TOA

Posted
Posted

I assume, that on your application you check if $_GET['page'] variable is something meaningful (e.g. there's some content related to it in database), or it's just garbage. If it's garbage, use header() to redirect.

 

Example with MySQL:

<?php
$page = mysql_real_escape_string($_GET['page']);  //make sure nothing harmful get's injected into query
$sql = "SELECT ... FROM pages WHERE page = '$page'";
$result = mysql_query($sql);
if(mysql_num_rows($result) == 0) { //check if any rows got returned
  //redirect to 404
} else {
  //display data
}

 

I don't have my sql and there is no implementation for checking or anything in place.  That's what I'm trying to do now.  I was trying to prevent people that send a bad request (for example if the site changes and there are latent search engine links) from simply getting a completely blank white page.

 

Is there an easy way to do this?

 

@DevilsAdvocate - I read that but it doesn't really make clear to me what I have to put where to accomplish what I'm trying to do.

 

Replace where it says "// redirect to 404" in the code Mchl posted with the header call

Mchl Regular Member

Mchl

Posted
Posted

I was trying to prevent people that send a bad request (for example if the site changes and there are latent search engine links) from simply getting a completely blank white page.

 

Is there an easy way to do this

 

The question is: how do you recognise a bad request? What does your page variable stand for?

healthbasics Newbie

healthbasics

Posted
  • Author
Posted

?page=[good name] loads .\php\[good name].php

 

I am not real picky about the exact mechanics of how to do this or what is displayed so long as it's SOMETHING.  I just felt like it should be something more than a totally blank white page incase somebody links in with a malformed link. 

 

Automatic redirection to the root home page would be fine.  Redirection to my 404 page would be fine too, really anything besides just a plain blank page.

 

If this is a huge deal or requires my sql implementation to do it I'll definitely put this on the back burner but I thought there might be a quick fix. 

TOA Member

TOA

Posted
Posted

?page=[good name] loads .\php\[good name].php

 

I am not real picky about the exact mechanics of how to do this or what is displayed so long as it's SOMETHING.  I just felt like it should be something more than a totally blank white page incase somebody links in with a malformed link. 

 

Automatic redirection to the root home page would be fine.  Redirection to my 404 page would be fine too, really anything besides just a plain blank page.

 

If this is a huge deal or requires my sql implementation to do it I'll definitely put this on the back burner but I thought there might be a quick fix.

 

Well, the header is the way to go. How you decide to test the condition I'm not sure.

For ex. 

if (condition == failure) {
header();
} else {
display
}

 

Hope that helps

healthbasics Newbie

healthbasics

Posted
  • Author
Posted

This sounds good but where to put it?

 

if (condition == failure) {
header();
} else {
display
}

 

Taking a stab...  can I just do:

if (file_exists($html_path.$file)) {
include $html_path.$file;
} else {

include $html_path.404;
}

(Note: I created a file 404.php for this exercise)

 

Where do I place this code?  Just in index.php?

healthbasics Newbie

healthbasics

Posted
  • Author
Posted

My index.php is:

 


<?php 

include "menu.inc.php";

function menu($_menu){
$str = '';
foreach($_menu as $url => $name){
	$sel = ($_GET['page'] == $url ) ? ' id="selected" ' : '';
	$str .= "<li ". $sel ."><a class='five' href=" . $url . " >" . $name . "</a></li>";
}
echo $str;
}

$page = ( isset($_GET['pg']) ?  $_GET['pg'] : ((isset($_GET['page']))? $_GET['page']:'home'));

$file = basename($page).'.php';
$html_path = "php/";

if (file_exists($html_path.$file)) include $html_path.$file;
?>

 

ANd my first guess was wildly wrong - doing that creates a nice blank white page for *everything*!

Mchl Regular Member

Mchl

Posted
Posted

You already have some code in place :) See:

 

if (file_exists($html_path.$file)) include $html_path.$file;

 

Now change it to:

 

if (file_exists($html_path.$file)) {
  include($html_path.$file);
} else {
  include('404.html'); //or whatever - just make sure the file IS actually there.
}

 

If you still see blank page, there might be something wring with your paths. You might want to use require instead of include(), which will tell you if it can find the file or not

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.