parsing text files

#1 (**permalink**) 07-23-2003

I am very new to PHP, what I am trying to do is something like this:

Parse text files based on a URL the user enters.

For example something like (my syntax is probably wrong):

http://www.example.com/index.php?one.txt
http://www.example.com/index.php?two.txt
http://www.example.com/index.php?three.txt

This way I would have a standard html template that gets populated by
different text files.

#2 (**permalink**) 07-24-2003

"vKp" <asso101@hotmail.com> wrote in message
news:bfm6qo$m9b$1@newsg4.svr.pol.co.uk...

> Then on the index page have something like:
> <?php
> $page = $_GET['page'];
> include("path/to/text/file/dir/" . $page . ".txt");
> ?>
>
> One thing you should be careful of is making sure that you don't just
> include any old file from any location.

What about simply hardcoding the URL into the path?
Like this:
include("http://www.example.com/dir/" . $page . ".txt");

Would that take care of any security concerns as only pages that originate
on my server could be used?

#3 (**permalink**) 07-24-2003

mike c wrote:

> What about simply hardcoding the URL into the path?
> Like this:
> include("http://www.example.com/dir/" . $page . ".txt");
>
> Would that take care of any security concerns as only pages that originate
> on my server could be used?
>
>

It probably would. Because the possibility to do something like
http://www.example.com/?page=evilsite.com/myevilcode with a txt-file
with some really "evil" code in it would be eliminated. So, maybe I
forget some other sec.problems but it would take care of the most
famous/dangerous one.

Regards,
Blizt

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode