scferg Posted February 7, 2008 Share Posted February 7, 2008 I have a website setup using the simple navigation function, like: http://website.com/index.php?page=blah The only problem is that if they typed in a page that does not exist, it returns with PHP not found errors. So, how do I make so that if the page is not found, another file is loaded, like error404.html ? I've tried some other codes, but either don't work at all, or don't work right. I'm a novice with PHP, so I could really use some help with this. Quote Link to comment Share on other sites More sharing options...
Stooney Posted February 7, 2008 Share Posted February 7, 2008 Well it depends on how you're going about showing the actual page. Are you using a switch statement? etc. you could try <?php if(file_exists("$_GET['page'].php")){ include("$_GET['page'].php"); } else{ include("error.php"); } ?> edit: fixed an error Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 7, 2008 Share Posted February 7, 2008 Well it depends on how you're going about showing the actual page. Are you using a switch statement? etc. you could try <?php if(file_exists($_GET['page'])){ include("$_GET['page'].php"); } else{ include("error.php"); } ?> Yeah...this is the normal way...but it should be if(file_exists($_GET['page'].'.php')){ Quote Link to comment Share on other sites More sharing options...
Stooney Posted February 7, 2008 Share Posted February 7, 2008 Another thought, you could use a switch statement for more control: switch($_GET['page']){ case 'home': include("home.php"); break; case 'about': include("about.php"); break; default: include("error.php"); break; } Quote Link to comment Share on other sites More sharing options...
priti Posted February 7, 2008 Share Posted February 7, 2008 one more thought to do the same is working in your .htaccess file by writing a rule about error 404 .when ever response form server is 404 page not found then show some particular page . ErrorDocument 404 /path/to/404.html Regards Quote Link to comment Share on other sites More sharing options...
scferg Posted February 7, 2008 Author Share Posted February 7, 2008 Well, I do have a server 404 error, but my PHP just returns with a bunch of not found errors. Is there just a simple way to have text saying "Page not found" ? Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 7, 2008 Share Posted February 7, 2008 How are you deciding on content to display? As in, can you paste the code where you work with the $_GET['page'] variable? There are lot's of solutions, and if you shows us what you have, it will be easier to provide you with the best solution. Quote Link to comment Share on other sites More sharing options...
scferg Posted February 7, 2008 Author Share Posted February 7, 2008 <?php if($section && $page) {include("./$section/$page"); } elseif($page == "case1") { echo "case1 goes here no page was written for this statement.";} elseif($page) {include("./$page.html");} else {$number=10; $only_active=TRUE; include("./news/show_news.php"); } ?> Don't laugh about how pathetic it is Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 7, 2008 Share Posted February 7, 2008 <?php $error_page = "./404.php"; if($section && $page) { if(file_exists("./$section/$page")) include("./$section/$page"); else include($error_page); }elseif($page == "case1") { echo "case1 goes here no page was written for this statement."; }elseif($page) { if(file_exists("./$page")) include("./$page.html"); else include($error_page); }else { $number=10; $only_active=TRUE; include("./news/show_news.php"); } ?> Quote Link to comment Share on other sites More sharing options...
scferg Posted February 7, 2008 Author Share Posted February 7, 2008 Hmm..it seemed to work, until I used the nav. It goes to the error page, when the page does exist... Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 7, 2008 Share Posted February 7, 2008 What are the GET variables in the URL that produce the error? So, index.php?{what is here} Also, I assumed there is code above this that sets $page and $section from their respective GET vars. Am I wrong to assume this? Quote Link to comment Share on other sites More sharing options...
scferg Posted February 7, 2008 Author Share Posted February 7, 2008 You're correct. Like, if you wanted to go to my contact page... you'd enter http://website.com/index.php?page=contact Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 7, 2008 Share Posted February 7, 2008 Ok...let's start from the top... <?php $error_page = "./404.php"; $page = $_GET['page']; $section = $_GET['section']; if($page == "case1") { //Handle special cases first echo "case1 goes here no page was written for this statement."; } elseif($page) { //Page requested $path = "{$page}.html"; if($section) //Add section $path = "{$section}/{$path}"; if(file_exists($path)) include($path); else include($error_page); } else { //Default $number=10; $only_active=TRUE; include("./news/show_news.php"); } ?> this code has a big security flaw though as it allows people to possibly see files on your computer that they shouldn't see. but, for now, let's just see if we can get this working.... Quote Link to comment Share on other sites More sharing options...
scferg Posted February 7, 2008 Author Share Posted February 7, 2008 On my computer or server? O_O Quote Link to comment Share on other sites More sharing options...
scferg Posted February 7, 2008 Author Share Posted February 7, 2008 Tried it! Works, perfect! Now...about that security flaw... Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 7, 2008 Share Posted February 7, 2008 server...wherever the index.php script is to be safe, you should only allow page keys to be letters, numbers, and underscores ... } elseif($page) { //Page requested $path = "{$page}.html"; if($section) //Add section $path = "{$section}/{$path}"; //Check keys and existance if(preg_match('/^\w+$/',$page) && preg_match('/^\w+$/',$section) && file_exists($path)) include($path); //Good to go...include it else include($error_page); //Error page } else { //Default ... Quote Link to comment Share on other sites More sharing options...
scferg Posted February 7, 2008 Author Share Posted February 7, 2008 Err...what do I do with that code? Sorry for my lack of knowledge about PHP Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 7, 2008 Share Posted February 7, 2008 It was just a snippet of the lines I updated. Here it is in it's entirety: <?php $error_page = "./404.php"; $page = $_GET['page']; $section = $_GET['section']; if($page == "case1") { //Handle special cases first echo "case1 goes here no page was written for this statement."; } elseif($page) { //Page requested $path = "{$page}.html"; if($section) //Add section $path = "{$section}/{$path}"; //Check keys and existance if(preg_match('/^\w+$/',$page) && preg_match('/^\w+$/',$section) && file_exists($path)) include($path); //Good to go...include it else include($error_page); //Error page } else { //Default $number=10; $only_active=TRUE; include("./news/show_news.php"); } ?> Quote Link to comment Share on other sites More sharing options...
scferg Posted February 7, 2008 Author Share Posted February 7, 2008 Now it's back to showing the 404 error page when the page does exist. I've got to go...school tomorrow, so I won't respond until tomorrow. Thanks for your help Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 7, 2008 Share Posted February 7, 2008 try this out tomorrow: <?php $error_page = "./404.php"; $page = $_GET['page']; $section = $_GET['section']; if($page == "case1") { //Handle special cases first echo "case1 goes here no page was written for this statement."; } elseif($page) { //Page requested $path = "{$page}.html"; if($section) //Add section $path = "{$section}/{$path}"; //Check keys and existance if(preg_match('/^\w+$/',$page) && preg_match('/^\w*$/',$section) && file_exists($path)) include($path); //Good to go...include it else include($error_page); //Error page } else { //Default $number=10; $only_active=TRUE; include("./news/show_news.php"); } ?> Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 7, 2008 Share Posted February 7, 2008 grr....that has a security hole...this should be good though: <?php $error_page = "./404.php"; $page = $_GET['page']; $section = $_GET['section']; if($page == "case1") { //Handle special cases first echo "case1 goes here no page was written for this statement."; } elseif($page) { //Page requested $path = "{$page}.html"; if($section) //Add section $path = "{$section}/{$path}"; //Check keys and existance if( preg_match('/^\w+$/',$page) && (!strlen($section) || preg_match('/^\w+$/',$section)) && file_exists($path) ) include($path); //Good to go...include it else include($error_page); //Error page } else { //Default $number=10; $only_active=TRUE; include("./news/show_news.php"); } ?> Quote Link to comment Share on other sites More sharing options...
scferg Posted February 8, 2008 Author Share Posted February 8, 2008 I'll try that code, but my FTP server is being stupid, so I don't know how long it'll be until I can upload anything to test it. Quote Link to comment Share on other sites More sharing options...
rhodesa Posted February 8, 2008 Share Posted February 8, 2008 You don't have a local php install for testing? If you are using Windows, check out WAMP Quote Link to comment Share on other sites More sharing options...
scferg Posted February 8, 2008 Author Share Posted February 8, 2008 Yup, it works. Thanks! Quote Link to comment Share on other sites More sharing options...
scferg Posted February 8, 2008 Author Share Posted February 8, 2008 So, is this code more secure than my original one? And if so, in what way? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.