Omnimaga
General Discussion => Technology and Development => Web Programming and Design => Topic started by: Munchor on September 11, 2011, 02:33:03 pm
-
Let's say I have this HTML file:
<!doctype html><html>
<head>
<title>My Page</title>
</head>
<body>
<form action="handler.php" method="post">
<p><input type="text" name="text" id="text" /></p>
<p><input type="submit" value="Go" /></p>
</form>
<body>
</html>
And then I have this file (handler.php):
<?php
$text = $_POST["text"]; //gets the text from the text field
?>
Basically, it's a very simple form. How can I know the name of the file that called the .php file?
I want to get it's URL, is there a way I can do this? Thanks!
-
$_SERVER['HTTP_REFERER']; I think will work.
Try passing it as a parameter if that doesn't work ( you can figure out the url dynamically using window.location ( JavaScript ) )
-
It all depends on whether the client's browser decides to give that information to your script. The variable $_SERVER['HTTP_REFERER'], if set, refers to the page that led the user there. Unfortunately, browsers aren't obligated to set it in any way, so you can never be sure.
EDIT: Ninja'd.
-
It all depends on whether the client's browser decides to give that information to your script. The variable $_SERVER['HTTP_REFERER'], if set, refers to the page that led the user there. Unfortunately, browsers aren't obligated to set it in any way, so you can never be sure.
Yeah I just found that. You would probably want to use the passing the url mehod ephan since it will work 100% of the time as opposed to the other method.
-
Actually, a more fail-proof method to do that (without Javascript) would be to use an <input type="hidden" name="url" value="CURRENT_URL" /> or something similar.
-
Actually, a more fail-proof method to do that (without Javascript) would be to use an <input type="hidden" name="url" value="CURRENT_URL" /> or something similar.
Yes, but I don't really like to trust Javascript this things, because the user could delete it to make my php script fail. I like to think about anything that can happen.
Either way, if that's the only way of achieving, I'll have to go for it.
-
There's no failproof method, since the only part that knows that is the client. If you wanted to make your HTML file PHP, you could set a session variable to store it, but even that isn't 100%.
-
Actually, a more fail-proof method to do that (without Javascript) would be to use an <input type="hidden" name="url" value="CURRENT_URL" /> or something similar.
Yes, but I don't really like to trust Javascript this things, because the user could delete it to make my php script fail. I like to think about anything that can happen.
Exactly, that's why I suggested using a hidden input. No JavaScript needed.
-
Actually, a more fail-proof method to do that (without Javascript) would be to use an <input type="hidden" name="url" value="CURRENT_URL" /> or something similar.
Yes, but I don't really like to trust Javascript this things, because the user could delete it to make my php script fail. I like to think about anything that can happen.
Exactly, that's why I suggested using a hidden input. No JavaScript needed.
When I said "Javascript", I meant the HTML Code. The user can change it I think, right?
-
The user can send anything to your server, there's not much you can do about it. They have to be trusted to some degree.
-
Actually, a more fail-proof method to do that (without Javascript) would be to use an <input type="hidden" name="url" value="CURRENT_URL" /> or something similar.
Yes, but I don't really like to trust Javascript this things, because the user could delete it to make my php script fail. I like to think about anything that can happen.
Exactly, that's why I suggested using a hidden input. No JavaScript needed.
When I said "Javascript", I meant the HTML Code. The user can change it I think, right?
Only through a debugger like Firebug, but then you can do anything, so it's no different that adding a new <a> tag, for instance.
-
Yes, I managed to do it in another way, but er, thanks everyone!
-
Actually, a more fail-proof method to do that (without Javascript) would be to use an <input type="hidden" name="url" value="CURRENT_URL" /> or something similar.
That's actually what I was talking about, have the javascript grab it. Although hard coding it in would work better.Yes, I managed to do it in another way, but er, thanks everyone!
Np, glad to be able to give you some options. How did you actually go about doing it might I ask?
-
Actually, a more fail-proof method to do that (without Javascript) would be to use an <input type="hidden" name="url" value="CURRENT_URL" /> or something similar.
That's actually what I was talking about, have the javascript grab it. Although hard coding it in would work better.Yes, I managed to do it in another way, but er, thanks everyone!
Np, glad to be able to give you some options. How did you actually go about doing it might I ask?
I just have a string with the location of the form. I wanted to make it dynamic, to work everywhere, but it's not really how I wanted.
-
There's 1 real secure way to do this.
As soon as the form is loaded (for example: ./form.php)
You create a $_SESSION['currentpage'] = 'form.php';
And when the user submits the form, you check that variable. If it's empty (or !isset(... ), the user has deleted the session cookie.
In that case you simply return back to the form ;)
-
There's 1 real secure way to do this.
As soon as the form is loaded (for example: ./form.php)
You create a $_SESSION['currentpage'] = 'form.php';
And when the user submits the form, you check that variable. If it's empty, the user has deleted the session cookie.
In that case you simply return back to the form ;)
Er, what? I only need to get the location of the form, like:
http://www.mywebsite.com/folder/form.html
The location is http://www.mywebsite.com/folder.
-
Er, what? I only need to get the location of the form, like:
http://www.mywebsite.com/folder/form.html
The location is http://www.mywebsite.com/folder.
Well, then, first, i'd change form.html to form.php then
On top of form.php you add:
<?php
session_start();
$_SESSION['location'] = 'http://www.mywebsite.com/folder';
?>
And on handler.php (the form action):
<?php
session_start();
if ( !isset($_SESSION['location']) )
{
die('OMFGZ, Y U DELETE COOKIE? <a href="#" onClick="javascript:history.back();">Go back</a>');
}
var $loc = $_SESSION['location'];
if ( $loc == 'http://www.mywebsite.com/folder' )
{
//Specific functions for this location
}
?>
-
Ikkerens, you are not understanding... I don't know what the URL is, "http://www.mywebsite.com/folder" was an example. I need to get it as I said before ;)
-
But you said you were already using a string to set the location.
Well, my solution ain't dynamic either, but at least more secure than that imho
-
But you said you were already using a string to set the location.
Well, my solution ain't dynamic either, but at least more secure than that imho
I have a string with it, in the php file, there's no way the user can delete it.
-
Nevermind then :P
-
Nevermind then :P
No problem, thanks for the attention ;)