Go Back   CodingForums.com > :: Server side development > PHP
Reload this Page Php frame helping

Before you post, read our: Rules & Posting Guidelines

Reply
 
Thread Tools Rate Thread
Enjoy an ad free experience by logging in. Not a member yet? Register.
Old 03-04-2013, 07:08 PM   PM User | #1
geniused
New to the CF scene

 
Join Date: Mar 2013
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
geniused is an unknown quantity at this point
Php frame helping
I have written a code and having tons of trouble with it.


Goal: On index.php there is a text box (well call it $text), select box (drop menu)(well call it box, with variable a,b,c,d), and a submit button.

Below the submit form will be a frame where the select website will load (basically an iframe)

The select box is essential a list of urls, and the textbox will be added to the ending.

How do I send the url to the frame without directly redirecting the whole website?
Does php have a iframe feature?
geniused is offline   Reply With Quote
Old 03-04-2013, 07:10 PM   PM User | #2
Fou-Lu
God Emperor


 
Fou-Lu's Avatar
 
Join Date: Sep 2002
Location: Saskatoon, Saskatchewan
Posts: 15,650
Thanks: 4
Thanked 2,451 Times in 2,420 Posts
Fou-Lu is a name known to allFou-Lu is a name known to allFou-Lu is a name known to allFou-Lu is a name known to allFou-Lu is a name known to allFou-Lu is a name known to all
You don't. Frames and iframes are client side code, not server side code. You need to use javascript or HTML to target the frame. Otherwise you can self submit a form and create a new source for the iframe.
__________________
As of PHP 5.5, the MySQL library has been officially deprecated. It is recommended to move to either MySQLi or PDO libraries for your mysql connectivity. See here for help choosing which interface you prefer: http://php.net/manual/en/mysqlinfo.api.choosing.php
Fou-Lu is offline   Reply With Quote
Old 03-04-2013, 10:52 PM   PM User | #3
geniused
New to the CF scene

 
Join Date: Mar 2013
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
geniused is an unknown quantity at this point
Quote:
Originally Posted by Fou-Lu View Post
You don't. Frames and iframes are client side code, not server side code. You need to use javascript or HTML to target the frame. Otherwise you can self submit a form and create a new source for the iframe.
Thank you very much for your reply, I know i am new to this forum (recently just found it)

The problem with using a html iframe is that lets say I have this:

<iframe name="iframe2" src="1.php"></iframe>

the user can just go to: www.mywebsite.com/1.php and view it directly, the whole point of the iframe is out the window.

what do you mean you can self submit a for m and create a new source for the iframe?



edit: I tired and put my 1.php file in the root folder outside public_html, but it looks like the iframe can read the file outside in the root access.
Last edited by geniused; 03-04-2013 at 10:56 PM..
geniused is offline   Reply With Quote
Old 03-04-2013, 11:27 PM   PM User | #4
Fou-Lu
God Emperor


 
Fou-Lu's Avatar
 
Join Date: Sep 2002
Location: Saskatoon, Saskatchewan
Posts: 15,650
Thanks: 4
Thanked 2,451 Times in 2,420 Posts
Fou-Lu is a name known to allFou-Lu is a name known to allFou-Lu is a name known to allFou-Lu is a name known to allFou-Lu is a name known to allFou-Lu is a name known to all
I assume you mean that it *can't* read it. Which is normal; iframes are client side technology, so by giving it a source it needs to be resolvable via http, not filesystem access. PHP on the other hand isn't limited to this, so if you have a script accessible by the client, it can load outside of the public_html.
There's not a whole lot you can do to prevent direct access via url. Since this is a separate request by the client, you can't do things like constants or variable setting since they are outside of the primary page request.
What you can do is use disposable token requests assuming the primary page and the one in the iframe are both local. This involves simply setting a token for a request, and then the code in the frame retrieves, compares and consumes a token via a get request.
For a really basic example:
PHP Code:
<?php

session_start();
// just something to make it unique and randomish.
$_SESSION['requestToken'] = sha1(uniqid(''));

printf('<iframe src="mypage.php?requestToken=%s"></iframe>'$_SESSION['requestToken']);
Then on mypage.php:
PHP Code:
<?php

session_start();
if (isset($_GET['requestToken']), $_SESSION['requestToken']))
{
    if (strcmp($_GET['requestToken'], $_SESSION['requestToken']) == 0)
    {
        // this here says everything is fine and matches up.
        unset($_SESSION['requestToken']);
        // do whatever else
    }
    else
    {
        die('Invalid access token');
    }
}
else
{
    die('Invalid access token');
}
Untested, works alright in my "upstairs library".
__________________
As of PHP 5.5, the MySQL library has been officially deprecated. It is recommended to move to either MySQLi or PDO libraries for your mysql connectivity. See here for help choosing which interface you prefer: http://php.net/manual/en/mysqlinfo.api.choosing.php
Fou-Lu is offline   Reply With Quote
Old 03-06-2013, 06:29 AM   PM User | #5
geniused
New to the CF scene

 
Join Date: Mar 2013
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
geniused is an unknown quantity at this point
Quote:
Originally Posted by Fou-Lu View Post
I assume you mean that it *can't* read it. Which is normal; iframes are client side technology, so by giving it a source it needs to be resolvable via http, not filesystem access. PHP on the other hand isn't limited to this, so if you have a script accessible by the client, it can load outside of the public_html.
There's not a whole lot you can do to prevent direct access via url. Since this is a separate request by the client, you can't do things like constants or variable setting since they are outside of the primary page request.
What you can do is use disposable token requests assuming the primary page and the one in the iframe are both local. This involves simply setting a token for a request, and then the code in the frame retrieves, compares and consumes a token via a get request.
For a really basic example:
PHP Code:
<?php

session_start();
// just something to make it unique and randomish.
$_SESSION['requestToken'] = sha1(uniqid(''));

printf('<iframe src="mypage.php?requestToken=%s"></iframe>'$_SESSION['requestToken']);
Then on mypage.php:
PHP Code:
<?php

session_start();
if (isset($_GET['requestToken']), $_SESSION['requestToken']))
{
    if (strcmp($_GET['requestToken'], $_SESSION['requestToken']) == 0)
    {
        // this here says everything is fine and matches up.
        unset($_SESSION['requestToken']);
        // do whatever else
    }
    else
    {
        die('Invalid access token');
    }
}
else
{
    die('Invalid access token');
}
Untested, works alright in my "upstairs library".
thank you very much man, I end up using just the iframe code (I didn't know you can echo that).

Everything working great!

www.geniusv.in
geniused is offline   Reply With Quote
Reply

Bookmarks

Tags
frame, iframe, php

Jump To Top of Thread


« Previous Thread | Next Thread »
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 03:25 PM.
Advertisement
Log in to turn off these ads.