PHP外部链接帮助
[英]PHP External Link Help
问题描述
Hi I have the following page which sets a cookie with the current URL and also a simple external link. 
嗨,我有以下页面,该页面设置带有当前URL的cookie以及一个简单的外部链接。
<?php
function pageURL()
{
$pageURL = 'http';
if ($_SERVER["HTTPS"] == "on")
{
$pageURL .= "s";
}
$pageURL .= "://";
if ($_SERVER["SERVER_PORT"] != "80")
{
$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
}
else
{
$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
}
return $pageURL;
}
$CurrentPage = pageURL();
setcookie('linkback', $CurrentPage);
?>
<p><a href="http://www.google.com/">External Link</a></p>
What I want to do is using PHP add a prefix to all external links so that they have have the following structure: 我想做的是使用PHP为所有外部链接添加前缀,以便它们具有以下结构:
localhost/outgoing?url=http://www.google.com/
This loads up an outgoing page like so: 这样会加载一个传出页面,如下所示:
<?php
if(!isset($_GET['url']))
{
header('HTTP/1.0 404 Not Found');
}
?>
<h1>Warning! Now leaving website</h1>
<ul>
<li><a title="Return to Website" href="<?php if(isset($_COOKIE['linkback'])) { echo $_COOKIE['linkback']; } else { echo 'http://localhost:8888/creathive/'; } ?>">Return to Website</a></li>
<li><a title="Continue to <?php echo $_GET['url']; ?>" href="<?php echo $_GET['url']; ?>">Continue to <?php echo $_GET['url']; ?></a></li>
</ul>
The idea is that using the cookie set in the previous page I can have a simple back button, and also grab the url from the query and allow the user to continue after being warned they are leaving the site. 这个想法是,使用上一页中设置的cookie,我可以有一个简单的后退按钮,还可以从查询中获取URL,并在警告用户离开网站后允许用户继续。
The problems I have are: 我遇到的问题是:
1.) Prefixing external URLS so that they go to the outgoing page 1.)前缀外部URL,以便它们转到传出页面
2.) The isset on the top of the outgoing page is supposed to be throwing a 404 if a user visits the outgoing page without a url query string but isn't 2)如果用户在没有url查询字符串但没有url查询字符串的情况下访问传出页面,则传出页面顶部的isset应该抛出404
3.) Need to make sure that URLS are valid so for example prevent this for happening: localhost/outgoing?url=moo 3.)需要确保URLS有效,例如防止发生这种情况: localhost/outgoing?url=moo
4 个解决方案
解决方案1
0 2010-11-23 13:06:16
You will need to replace every external URL in your code according to the new scheme. 您将需要根据新方案替换代码中的每个外部URL。 There is no way doing this automaticalle for all outgoing links. 无法对所有传出链接执行此自动操作。
This is because, if the user clicks on an external URL, the request is not sent to your server, but the external one. 这是因为,如果用户单击外部URL,则请求不会发送到您的服务器,而是发送到您的外部URL。
Edit: The only thing you could do is caching all your output with ob_start() and then replace all links using a regexp, before printing them on your page. 编辑:唯一可以做的就是用ob_start()缓存所有输出,然后在将它们打印在页面上之前,使用正则表达式替换所有链接。
But the better solution would be to replace all links yourself. 但是更好的解决方案是自己替换所有链接。
解决方案2
0 2010-11-23 13:14:10
Can you elaborate?
你能详细说明吗? Isset isnt exactly the "right" tool.
Isset并不是完全正确的工具。 try arrya_key_exists('url', $_GET)…. 尝试arrya_key_exists('url',$ _GET)...。 Code like this should do ya. 这样的代码应该做。
function haveUrl() {
if (array_key_exists('url', $_GET)) {
$url = $_GET['url'];
if (!empty($url)) return true;
}
return false;
}
- You can simply check to see if they start with http:// or https://... This may be done best with a regex…. 您可以简单地检查它们是否以http://或https://开头。使用正则表达式可以做到最好……。 something like… 就像是…
function validUrl($url) {
if (preg_match('\^(http:\/\/|https:\/\/)\mi', $url) {
if (preg_match('\localhost\mi', $url) return false;
else return trus;
}
return false;
}
解决方案3
0 2010-11-23 13:16:08
1) I would create a class for all links, and use something like $links->create("http://...") and there you place the redirection and everything you might need. 1)我将为所有链接创建一个类,并使用$ links-> create(“ http:// ...”)之类的东西,然后在其中放置重定向以及可能需要的所有内容。
3) 3)
You could use the code in the following link: link text 您可以在以下链接中使用代码: 链接文本
解决方案4
0 2010-11-23 13:23:22
1.) Prefixing external URLS so that they go to the outgoing page
You need a DOM tool for this. 为此,您需要一个DOM工具。 For instance SimpleXML or Simple HTML DOM parser or any of it's kind to manipulate the outgoing links on the page you are rendering. 例如, SimpleXML或Simple HTML DOM解析器,或者任何一种都可以处理您正在呈现的页面上的传出链接。 (Find more available options in this question .) (在此问题中找到更多可用的选项。)
Optimally, you will cache the results of this operation as it can be quite expensive (read: slow) and update the cached version on update or after a defined period of time. 理想情况下,您将缓存此操作的结果,因为它可能非常昂贵(读取:缓慢),并在更新时或在定义的时间段后更新缓存的版本。
2.) The isset on the top of the outgoing page is supposed to be throwing a 404 if a user visits the outgoing page without a url query string but isn't
Yes it does, but you need to stop execution after this point if you don't want to render the rest of the page. 是的,确实可以,但是如果您不想渲染页面的其余部分,则需要在此之后停止执行。 A 404 error can - and should! 404错误可以-而且应该! - have a page body, it's a response like any other HTTP response. -有一个页面正文,它是一个响应,就像其他任何HTTP响应一样。
3.) Need to make sure that URLS are valid so for example prevent this for happening: localhost/outgoing?url=moo
Even if you do so - and indeed you should, nothing will prevent anyone from accessing localhost/outgoing?url=foo by manual URL manipulation. 即使这样做-确实应该这样做,也不会阻止任何人通过手动URL操作访问localhost/outgoing?url=foo 。 Url parameters, or any other user input can never be trusted. 网址参数或任何其他用户输入永远不会被信任。 In other words you need to check the outgoing url in the outgoing-script no matter what. 换句话说,无论如何,您都需要检查输出脚本中的输出URL。
And don't forget to sanitize rigourously! 并且不要忘记严格消毒! Functionality such as this is screaming to be abused. 诸如此类的功能被滥用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.