Jump to content

Is there a way to redirect bad requests to a 404 page?


healthbasics

Recommended Posts

http://mysite.com/[garbage]

http://mysite.com/[garbage].html

http://mysite.com/[garbage]/[garbage]

 

All redirect to my 404 page no problem.  I did this with an .htaccess redirect. 

 

However, requests like http://mysite.com/index.php?page=[garbage] produces a completely blank page.  Is there anyway i can redirect to something when the page doesn't exist?

Link to comment
Share on other sites

I assume, that on your application you check if $_GET['page'] variable is something meaningful (e.g. there's some content related to it in database), or it's just garbage. If it's garbage, use header() to redirect.

 

Example with MySQL:

<?php
$page = mysql_real_escape_string($_GET['page']);  //make sure nothing harmful get's injected into query
$sql = "SELECT ... FROM pages WHERE page = '$page'";
$result = mysql_query($sql);
if(mysql_num_rows($result) == 0) { //check if any rows got returned
  //redirect to 404
} else {
  //display data
}

Link to comment
Share on other sites

I read that and I see that you can use this function for this but where exactly would put what exact code to redirect to .\php\not_found.php for example?

 

I am not really all that experienced with this, sorry.

 

php.net/manual/en/function.header.php

 

So it would be

header("location: .\php\not_found.php");

 

You can also do a timed redirect like this

header("refresh:5; url='.\php\not_found.php'");

Link to comment
Share on other sites

I assume, that on your application you check if $_GET['page'] variable is something meaningful (e.g. there's some content related to it in database), or it's just garbage. If it's garbage, use header() to redirect.

 

Example with MySQL:

<?php
$page = mysql_real_escape_string($_GET['page']);  //make sure nothing harmful get's injected into query
$sql = "SELECT ... FROM pages WHERE page = '$page'";
$result = mysql_query($sql);
if(mysql_num_rows($result) == 0) { //check if any rows got returned
  //redirect to 404
} else {
  //display data
}

 

I don't have my sql and there is no implementation for checking or anything in place.  That's what I'm trying to do now.  I was trying to prevent people that send a bad request (for example if the site changes and there are latent search engine links) from simply getting a completely blank white page.

 

Is there an easy way to do this?

 

@DevilsAdvocate - I read that but it doesn't really make clear to me what I have to put where to accomplish what I'm trying to do.

Link to comment
Share on other sites

I assume, that on your application you check if $_GET['page'] variable is something meaningful (e.g. there's some content related to it in database), or it's just garbage. If it's garbage, use header() to redirect.

 

Example with MySQL:

<?php
$page = mysql_real_escape_string($_GET['page']);  //make sure nothing harmful get's injected into query
$sql = "SELECT ... FROM pages WHERE page = '$page'";
$result = mysql_query($sql);
if(mysql_num_rows($result) == 0) { //check if any rows got returned
  //redirect to 404
} else {
  //display data
}

 

I don't have my sql and there is no implementation for checking or anything in place.  That's what I'm trying to do now.  I was trying to prevent people that send a bad request (for example if the site changes and there are latent search engine links) from simply getting a completely blank white page.

 

Is there an easy way to do this?

 

@DevilsAdvocate - I read that but it doesn't really make clear to me what I have to put where to accomplish what I'm trying to do.

 

Replace where it says "// redirect to 404" in the code Mchl posted with the header call

Link to comment
Share on other sites

I was trying to prevent people that send a bad request (for example if the site changes and there are latent search engine links) from simply getting a completely blank white page.

 

Is there an easy way to do this

 

The question is: how do you recognise a bad request? What does your page variable stand for?

Link to comment
Share on other sites

?page=[good name] loads .\php\[good name].php

 

I am not real picky about the exact mechanics of how to do this or what is displayed so long as it's SOMETHING.  I just felt like it should be something more than a totally blank white page incase somebody links in with a malformed link. 

 

Automatic redirection to the root home page would be fine.  Redirection to my 404 page would be fine too, really anything besides just a plain blank page.

 

If this is a huge deal or requires my sql implementation to do it I'll definitely put this on the back burner but I thought there might be a quick fix. 

Link to comment
Share on other sites

?page=[good name] loads .\php\[good name].php

 

I am not real picky about the exact mechanics of how to do this or what is displayed so long as it's SOMETHING.  I just felt like it should be something more than a totally blank white page incase somebody links in with a malformed link. 

 

Automatic redirection to the root home page would be fine.  Redirection to my 404 page would be fine too, really anything besides just a plain blank page.

 

If this is a huge deal or requires my sql implementation to do it I'll definitely put this on the back burner but I thought there might be a quick fix.

 

Well, the header is the way to go. How you decide to test the condition I'm not sure.

For ex.

if (condition == failure) {
header();
} else {
display
}

 

Hope that helps

Link to comment
Share on other sites

This sounds good but where to put it?

 

if (condition == failure) {
header();
} else {
display
}

 

Taking a stab...  can I just do:

if (file_exists($html_path.$file)) {
include $html_path.$file;
} else {

include $html_path.404;
}

(Note: I created a file 404.php for this exercise)

 

Where do I place this code?  Just in index.php?

Link to comment
Share on other sites

My index.php is:

 


<?php 

include "menu.inc.php";

function menu($_menu){
$str = '';
foreach($_menu as $url => $name){
	$sel = ($_GET['page'] == $url ) ? ' id="selected" ' : '';
	$str .= "<li ". $sel ."><a class='five' href=" . $url . " >" . $name . "</a></li>";
}
echo $str;
}

$page = ( isset($_GET['pg']) ?  $_GET['pg'] : ((isset($_GET['page']))? $_GET['page']:'home'));

$file = basename($page).'.php';
$html_path = "php/";

if (file_exists($html_path.$file)) include $html_path.$file;
?>

 

ANd my first guess was wildly wrong - doing that creates a nice blank white page for *everything*!

Link to comment
Share on other sites

You already have some code in place :) See:

 

if (file_exists($html_path.$file)) include $html_path.$file;

 

Now change it to:

 

if (file_exists($html_path.$file)) {
  include($html_path.$file);
} else {
  include('404.html'); //or whatever - just make sure the file IS actually there.
}

 

If you still see blank page, there might be something wring with your paths. You might want to use require instead of include(), which will tell you if it can find the file or not

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.