Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 7 of 7
  1. #1
    New to the CF scene
    Join Date
    Oct 2012
    Posts
    4
    Thanks
    1
    Thanked 0 Times in 0 Posts

    dynamic url help

    can anybody in the forum explain how i can create a dynamic url for a website in php, i dont want my site scripts to be displayed, i want something like this
    www.mywebsite.com/gbibhjsbs7i3498yhiouhf8793
    that will always change if another user points to www.mywebsite.com. thanks i will be grateful if anybody can help me asap.

  • #2
    Senior Coder
    Join Date
    Jan 2011
    Location
    Missouri
    Posts
    4,096
    Thanks
    23
    Thanked 594 Times in 593 Posts
    php scripts are never displayed to the user, so what your doing is not necessary. Only if someone breaks into your site will they see your php and then nothing you do will stop them.

  • #3
    New to the CF scene
    Join Date
    Oct 2012
    Posts
    4
    Thanks
    1
    Thanked 0 Times in 0 Posts
    bro, what am saying is i want all or some of my websites link to auto generate ur token after my domian, on this forum we can all see the newreply.php i dont want that make sql injection easy, but if is a one time url token, they cant sql your site, hope u understand what am trying to tell u. thanks

  • #4
    Regular Coder Custard7A's Avatar
    Join Date
    Jul 2010
    Location
    Australia
    Posts
    286
    Thanks
    32
    Thanked 33 Times in 33 Posts
    You seem to be trying to append a session token to the URL — or a once-only deal — correct me if I'm wrong there, without the URL appearing dynamic.

    A dynamic URL is simply variables passed in the URL, meaning you can't avoid something like domain.com/file.php?variable=value. However, you can 'mask' these URLs with htaccess, which works by allowing access to that path via another. For the example I just used, I could change it to be accessed as domain.com/file/value. This is a good technique for set pages, such as a user page, however I don't believe there is an efficient way to mask a random value you are passing to every page. You would need to create a new htaccess mask for every page on your site, and if you miss one.. it would be messy.

    More importantly, this is an absurd approach to preventing SQL injection — or any form of attack — and is a waste of time. Knowing the name of variables, such as this page using the "t" variable, is of no benefit to an attacker if a few simple sanitations are in effect. Sanitation > security by obscurity.

  • Users who have thanked Custard7A for this post:

    teemone2001 (10-26-2012)

  • #5
    New to the CF scene
    Join Date
    Oct 2012
    Posts
    4
    Thanks
    1
    Thanked 0 Times in 0 Posts
    good, can u show me how to go about creating it? thanks

  • #6
    Senior Coder
    Join Date
    Feb 2011
    Location
    Your Monitor
    Posts
    4,313
    Thanks
    58
    Thanked 525 Times in 512 Posts
    Blog Entries
    5
    Quote Originally Posted by sunfighter View Post
    php scripts are never displayed to the user, so what your doing is not necessary. Only if someone breaks into your site will they see your php and then nothing you do will stop them.
    I think you need to stop guessing

    The op is saying they don't want www.domain.com/file.php?something=else
    Instead they way something like www.domain.com/something/else

    The technique the op wants is url rewriting. With apache it's mod_rewrite that does the job. Its been years since I've used it so I'm not a good one to provide examples but you have to store the urls and the converted urls in a .htaccess file.
    See my new CodingForums Blog: http://www.codingforums.com/blogs/tangoforce/

    Many useful explanations and tips including: Cannot modify headers - already sent, The IE if (isset($_POST['submit'])) bug explained, unexpected T_CONSTANT_ENCAPSED_STRING, debugging tips and much more!

  • #7
    Regular Coder
    Join Date
    Apr 2012
    Posts
    104
    Thanks
    27
    Thanked 2 Times in 2 Posts
    Everything is simpler with jQuery!


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •