/    Sign up×
Community /Pin to ProfileBookmark

Hpw to change the url format in php

Copy linkTweet thisAlerts:
Oct 17.2017

I have a redirect code this one:

[code=php]<?php
header(“Refresh: 5; url={$_GET[‘url’]}”);
echo ‘You are redirecting to … page’;
?>[/code]

And it works like when i add any external url at the end of [B][url]http://my-domain.com/URL.php?url=[/url][/B] it just redirects to external domain in this case let’s take google for external url:

http//my-domain.com/URL.php?url=http//www.google.com

and it just redirects directly on the page after 5 seconds and i want to change the url format like this

http//my-domain.com/URL.php?http//www.google.com

or this

http//my-domain.com/?http//www.google.com

i know for this^ i need to make changes in index.php but don’t know how to reformat the url ?

to post a comment
PHP

3 Comments(s)

Copy linkTweet thisAlerts:
@rootOct 17.2017 — NEVER!!!! use a $_POST or $_GET input like that, Sanitize the input in to a safe variable otherwise someone who tries to inject code to break the script can easily do so.

Also there's not point in doing what you ask in modifying the URL redirect, it would be a pointless step because the Query string that the GET will return is just the URL of the target domain.

Normally people want to turn a URL in to something like this [B]http//my-domain.com/google[/B] and use URL Rewriting (something not done in PHP) to rewrite the URL received in to http//my-domain.com/URL.php?url=http//www.google.com for the internal script to handle.

The example I gave you was a safer method based on what you posted. [code=php]$redirect = isset($_GET['url']) and $_SERVER['REQUEST_METHOD']=="GET" ?
filter_var($_GET['url'], FILTER_SANITIZE_URL) : false;

if($redirect){

// add in your counter query to the database to update the count here...


// then send a page refresh header to send the browser to its final destination!
header("Refresh: 3; URL='{$redirect}'");
exit();
} [/code] which is a darn sight more secure that just accepting a raw input.

In short, the first line is a Ternary operator that tests if the desired input field has been set, meaning has it any value, remember that this can be set but empty! thats why I said its only basic, so if it is set to TRUE the first action is the TRUE result which is the filter_var operation which itself if it passes the filter will be the value of the raw input otherwise if it fails, then FALSE is returned.

So if the input fails or is not set, the routine won't redirect because the TRUE condition (or having a value) has not been met, to improve the security of the routine, you use the empty() function to test if the data passed is empty and most often you see !empty( $variable ) being used, so if the variable isset but has zero length string the return of empty will be TRUE but FALSE if it has data in it, so if !empty() is used, the result and data is in there, empty returns FALSE and !FALSE is TRUE, that way if you want to check that data is present you use the not empty method as described as a stage in the processing of the input.
Copy linkTweet thisAlerts:
@V_MPIREauthorOct 17.2017 — Oh but how this code works? i mean when i use the same redirect method like this:

[B]http://my-domain.com/URL2.php/?url=http://google.com[/B]

with this script it just redirects to

http://my-domain.com/URL2.php/1

?
Copy linkTweet thisAlerts:
@rootOct 17.2017 — If you read my post then you would be able to follow the example.

[code=php]<?php
$isGet = isset($_GET['url']) and $_SERVER['REQUEST_METHOD']=="GET" ? true : false;
if($isGet){
$redirect = filter_var(urldecode($_GET['url']), FILTER_SANITIZE_URL);

// add in your counter query to the database to update the count here...


// then send a page refresh header to send the browser to its final destination!
header("Refresh: 3; URL="{$redirect}"");
exit();
}

?>[/code]
That works as I have tried it with a URL http://****.org.uk/url.php?url=http%3a%2f%2fwebdeveloper.com and it seems to be something in the Ternary operator was causing the string returned to return a TRUE value rather than the http string itself, so a little mod and that is the basics.

You could add in an !empty() check to ensure that there is something passed, the filter_var is set to check a URL exists, which should be a url encoded string.

As for code skills, these are the little things that you need to learn that if a code isn't working is not because its been coded wrong but that there is a failure in the logic which in this case led to the TRUE value being returned.
×

Success!

Help @V_MPIRE spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.18,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...