Jump to content

Recommended Posts

Hi, i have a directory script (active onlne) which is pretty old.

It was created before the world started to shift from mere http:// to https://

 

So, the submission form auto-populates any submitted url with

http:// - unfortunately it adds that also when someone submits a secure site (hence it turns the url into http://https://somesite.com).

In my admin area i can edit the first http out, but as soon aas i save the changes it will put it back in there.

 

I have looked through all PHP and JS files and could only find 2 spots in one file that refer to http:// at all, this PHP function looks like this:

 

"    function ParseURL($url) {

      $url = trim($url);

      

      //if (strpos($url, '.')<1) { return false;  }

      

      // check if empty 

      $len = strlen($url);

      if ($len<3) { return false;  }

      

      if (strcmp("http://", substr($url, 0, 7)) !== 0) {

          $url = "http://" . $url;

      }

  

      $url_stuff = parse_url($url);

      if (!isset($url_stuff["path"])) {  $url = $url . "/";  }

 

      return $url;

    }"

    

Now, i have no PHP skills other than maybe this or that simple thing to edit in an existing file, but this bit of code i do not really understand so i would like to ask in this forum here 

- how can i simply stop this http:// to auto-populate the URL form field??

 (I anyway prefer if people copy and paste their URL's from the browser bars to ensure there is no typo, so, no need for any auto-populating anything).

    

I suspect there are more places than just this that may need to be edited, but the following should "fix" that bit of code above. However, I would add a much better validation to ensure a proper URL was submitted

function ParseURL($url) {

    //Trim the value
    $url = trim($url);
 
    //if (strpos($url, '.')<1) { return false;  }
 
    // check if empty/too short
    if (strlen($url)<3) { return false; }
 
    //Test is string begins with "http://" OR "https://"
    if (strncasecmp($url, "http://", 7)!==0  && strncasecmp($url, "https://", !==0) {
        //If neither protocol found, use default
        $url = "http://" . $url;
    }
 
    $url_stuff = parse_url($url);
    if (!isset($url_stuff["path"])) {  $url = $url . "/";  }
 
    return $url;
}
Edited by Psycho
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.