...

View Full Version : Disabling the Dynamic Parameters



Tony M
06-23-2010, 11:43 PM
I am having a problem with the dynamic parameters. Many visitors (of My website) when they want to link to My website, they link to it and sometimes they add parameters (that I didn't put), like they link to http://www.example.com/tony.php?sid=1234 , and don't link to the main page that is http://www.example.com/tony.php, so now I had a mixed statistics about My visitors, and search engines (like "Google") begins to ban My website because it sees the same page in different parameters (or URLs).
So I there a way to disable these parameters or make My pages to redirect automatically to the main page (when a person enters the page by a parameter)? (if this is not possible, please say that is not possible)

Samhain13
06-24-2010, 07:35 AM
One possible solution:

In your PHP script, create an array of GET arguments that you will recognise. Get a list of keys from GET and compare each key with the contents of your array of acceptable arguments. If any an unacceptable argument was passed, send a 404 header and show a Not-Found page:

$what_we_want = array("id", "sid"); // Acceptable keys
$what_we_got = array_keys($_GET); // Arguments from GET
$we_are_good = true; // A flag for later.

// Start comparing.
foreach ($what_we_got as $g) {
if (!in_array($g, $what_we_want) {
// It means an unacceptable or unrecognised argument was passed.
$we_are_good = false;
}
}

if ($we_are_good) {
// Do whatever it is you would normally do.

} else {
// Since we got unacceptable arguments, issue a 404 header.
header("HTTP/1.1 404 Not Found");

// Echo out or include an error page here.
}

The 404 can also be a "400 Bad Request", but it depends on how you look at it. :D

Tony M
06-24-2010, 01:30 PM
Thank You Samhain13, (Sorry, I am a beginner in php) so where to put these codes that You showed Me above?

all My php pages are like that:


<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My test page</title>
</head>
<body background="images/f.jpg" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
........................................................................
...............................................
........................................................................
...............................................
........................................................................
...............................................
</body>
</html>

Samhain13
06-25-2010, 04:42 AM
You can wrap the script around your page. But since we're potentially sending out a header, it might be a safer to change our IF statement so we don't accidentally send a response before issuing the header:


<?php
// "<?php" MUST be the first characters in the file, do not put a space
// or any character before them. Just a reminder.

$what_we_want = array("id", "sid"); // Acceptable keys
$what_we_got = array_keys($_GET); // Arguments from GET
$we_are_good = true; // A flag for later.

// Start comparing.
foreach ($what_we_got as $g) {
if (!in_array($g, $what_we_want) {
// It means an unacceptable or unrecognised argument was passed.
$we_are_good = false;
}
}

// Changed this. We're testing for NOT good first because we don't want to
// accidentally send out anything before the header.
if (!$we_are_good) {
// Since we got unacceptable arguments, issue a 404 header.
header("HTTP/1.1 404 Not Found");

// The following is an error page:
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>404 Page Not Found</title>
</head>
<body>
<p>A message that tells people that the page doesn't exist.</p>
</body>
</html>
<?php

} else {
// This part is what we really want. The following is your REAL page:
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My Test Page</title>
</head>
<body background="images/f.jpg">
<p>Whatever else you've put in there...</p>
</body>
</html>
<?php } ?>

Tony M
06-25-2010, 01:37 PM
When I use the codes that You tells Me about above I get an Error:

Parse error: syntax error, unexpected '{' in /www/example.com/q/u/i/example/htdocs/tony.php on line 11

Please test it Yourself and find Out what is wrong :confused:

Samhain13
06-25-2010, 07:27 PM
Ooops! Sorry, I missed a closing parenthesis... this should work:


<?php
// "<?php" MUST be the first characters in the file, do not put a space
// or any character before them. Just a reminder.

$what_we_want = array("id", "sid"); // Acceptable keys
$what_we_got = array_keys($_GET); // Arguments from GET
$we_are_good = true; // A flag for later.

// Start comparing.
foreach ($what_we_got as $g) {
// The error was here. Fixed it.
if (!in_array($g, $what_we_want)) {
// It means an unacceptable or unrecognised argument was passed.
$we_are_good = false;
}
}

// Changed this. We're testing for NOT good first because we don't want to
// accidentally send out anything before the header.
if (!$we_are_good) {
// Since we got unacceptable arguments, issue a 404 header.
header("HTTP/1.1 404 Not Found");

// The following is an error page:
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>404 Page Not Found</title>
</head>
<body>
<p>A message that tells people that the page doesn't exist.</p>
</body>
</html>
<?php

} else {
// This part is what we really want. The following is your REAL page:
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>My Test Page</title>
</head>
<body background="images/f.jpg">
<p>Whatever else you've put in there...</p>
</body>
</html>
<?php } ?>

Tony M
06-25-2010, 10:32 PM
Ok, It seems that this code do not actually work (for the reason that I do not know why). After I put the code on My pages, when I enter the page like www.example.com/tony.php it work normally, but when I put www.example.com/tony.php?id=1234 the page reacts like We didn't even put a code (the page opens normaly and do not put the 404 error page).
So Please test this and tell Me what might be the problem :confused: ?

Samhain13
06-25-2010, 10:41 PM
That's because the way the script is written, it accepts "id" and "sid" from GET:

$what_we_want = array("id", "sid"); // Acceptable keys
Which makes tony.php?id=1234 or tony.php?sid=1234 acceptable.

If you don't want to accept ANY arguments from GET, leave the array empty:

$what_we_want = array(); // Now it's empty.

In the future, if you want to accept an argument "bob", put it in the array:

$what_we_want = array("bob");
That will make tony.php?bob=1234 acceptable.

Tony M
06-25-2010, 10:56 PM
(oK, Thanks, The files are now working like I want)

Is there is a way to redirect the
if (!$we_are_good) {
// Since we got unacceptable arguments, issue a 404 header.
header("HTTP/1.1 404 Not Found"); to the main 404 page of My website and NOT the page (the page that We added in the php code) that is
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>404 Page Not Found</title>
</head>
<body>
<p>A message that tells people that the page doesn't exist.</p>
</body>
</html>

Samhain13
06-25-2010, 11:06 PM
It's a dirty hack but you can try to issue a Location header that leads to a non-existent page.


if (!$we_are_good) {
// Since we got unacceptable arguments, issue a 404 header.
// header("HTTP/1.1 404 Not Found"); // Changes.
header("Location: /a_non_existent_page.html");


This will force the script to redirect to a_non_existent_page.html, which I hope really doesn't exist in your server. The search engine bots will still receive the same "404 Not Found" header that way, but only after getting redirected. I don't think that's a good way to go. :D

Tony M
06-25-2010, 11:16 PM
Can I make a 301 redirect (in the 404 code) that redirects to the main page, or this can lead to errors...? :confused:
(in this way when a visitor enter www.example.com/tony.php?id=123 then he will be redirected 301 to www.example.com/tony.php)

Samhain13
06-26-2010, 12:18 AM
That's why I called my last post a dirty hack. It issues a 302 Found (http://php.net/manual/en/function.header.php) status and redirects to a location that will ultimately lead to a 404, which I think is not a good thing. If you 301 it, like:


header("HTTP/1.1 301 Moved Permanently");
header("Location: /tony.php");

Wouldn't it be the same as not using our script at all? Because that basically says tony.php?id=12345 is equivalent tony.php, which started this whole situation. If it were up to me, I'd stick with our original solution of issuing that 404 outright and you can just tweak the resulting HTML to suit your site.

Tony M
06-26-2010, 12:56 AM
Ok, I have this last question: I want to put this code (all the code of disabling the parameters) in an external file, and use php include() to include it in all of My pages (so that is if I want to disable this function (of disabling parameters) I only change one file and not My entire website).
So do this thing create Errors or malfunctions of My website or the hosting server? (because in http://php.net/manual/en/function.header.php they wrote:
Remember that header() must be called before any actual output is sent, either by normal HTML tags, blank lines in a file, or from PHP. It is a very common error to read code with include(), or require(), functions, or another file access function, and have spaces or empty lines that are output before header() is called. The same problem exists when using a single PHP/HTML file. (I do not know very well the meaning of this)

Samhain13
06-27-2010, 04:05 AM
Three things:

1. Create a file called "get_checker.php" (it should be at the same directory as tony.php), with the following contents:

<?php

// "<?php" MUST be the first characters in the file, do not put a space
// or any character before them. Just a reminder.

$what_we_want = array(); // Acceptable keys, empty for now.
$what_we_got = array_keys($_GET); // Arguments from GET
$we_are_good = true; // A flag for later.

// Start comparing.
foreach ($what_we_got as $g) {
if (!in_array($g, $what_we_want)) {
// It means an unacceptable or unrecognised argument was passed.
$we_are_good = false;
}
}


if (!$we_are_good) {

// Since we got unacceptable arguments, issue a 404 header.
header("HTTP/1.1 404 Not Found");

// Change the contents of the page below to suit your site.
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>404 Page Not Found</title>
</head>
<body>
<h1>404 Page Not Found</h1>
<p>A message that tells people that the page doesn't exist.</p>
</body>
</html>
<?php } ?>


2. Use include in tony.php but there needs to be an if condition before you send out your page. tony.php will then look like this:

<?php

// Include the GET checker.
include "get_checker.php";

// This condition is important because it prevents the following page from
// being sent to the visitor if there are GET arguments that we don't like.
if ($we_are_good) {

// You can change the page below...
?>
<!DOCTYPE html>
<html>
<head>
<title>Your page here.</title>
</head>

<body>
<h1>Your page here.</h1>
</body>
</html>
<?php } ?>

3. Don't forget to put "<?php } ?>" at the very bottom of the page, as shown in the code box.

------------

Anyway, this whole situation got me thinking. Why are you using .php for your pages when it seems you're simply using them as static files? Wouldn't using .html or .htm be better?

Tony M
06-28-2010, 12:48 AM
Ok, in php I can edit all My 250 pages from one page by simply using php include. I do not know if I can do that in html :confused:

But why:

Create a file called "get_checker.php" (it should be at the same directory as tony.php)
Is there is problem to make this get_checker.php file in another directory (as tony.php), and change the include to be like:

include "../another-directory/get_checker.php";
(so that get_checker.php will be in another directory than tony.php is. Because I have many directories and if I want to make this get_checker.php in every directory it will want a lot of time)

So is it possible to make this get_checker.php in another directory (other than the directory where tony.php suppose to be)?:confused:
(sorry for My long questions)

Samhain13
06-28-2010, 07:43 AM
Yup. Totally possible. You have the right idea of changing the path in the "include" statement. :D



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum