Template like system...

[dclamp]

Hello all,

I downoladed SMF forum and they used an amazimg template like system. I want to intergrade this into my site. Here is how it works:

the user goes to say "http://rapidfriends.com/index.php?action=pagename"

it loads index.php which from there loads top.php, bottom.php and takes the action (pagename) and somewhat "includes" pagename.php inbetween them.

how shall i go about doing this? thanks for all the help inadvanced!

[kows]

basically:

PHP Code:

<?php
  //find out the action -- assumes your main action would be "main"
  $thisaction = (isset($_GET['action']) && $_GET['action'] != "") ? $_GET['action'] : "main";
  require_once("top.php");
?>
might want to put some html here
<?php
  $path = './inc/';
  $extension = '.inc.php';
  if(file_exists($path . $thisaction . $extension))
    $filename = $thisaction;
  else
    $filename = 'error';
  require_once($path . $filename . $extension);
?>
might want to put some more html here
<?php require_once("bottom.php"); ?>

this will load the action page if it exists in directory /inc/ with a default extension of .inc.php, otherwise it will load /inc/error.inc.php, generally stating that the requested document does not exist. when I do something like this, I usually have a switch() statement that checks the validity of the file, and otherwise will default to my "main" page, or error page. something like:

PHP Code:

<?php
  switch($thisaction){
    case "main":
      $inc = 'main';
      break;
    case "testpage":
      $inc = './../tests/testpage.php';
      break;
    default:
      $inc = 'error';
  }
  //only add the default extension to files that do not already have a ".php" extension
  $ext = (strpos($thisaction, ".php") === false) ? '.inc.php' : '';
  require_once($path . $inc . $ext);
?>

this way, it's easy to upload files so that YOU can test them, but your users can't actually view them by going to the "index.php?action=testpage2" or whatever (because unless you put that case on the switch() list, the user can't view the file, unless they had the absolute filepath on your webserver). it's also an easy way to make it so only certain pages are viewable if you're not logged in, or whatever. this also gets around having to check if the file exists (although, if you don't actually create the files and then try to load them with this method, you will get the file-not-found php error.. so, using file_exists() is always a good idea, especially if the software you're writing is going to be used by other people. this will give them hints as to what files are missing (if any are), and won't display a terribly broken page to their users if something bad happens.

[dclamp]

thanks for that code. i will test it tomarrow.

i dont quite know if i want to use the file name in the 'action'. Like maybe it might be "http://www.rapidfriends.com/index.php?action=addbulletin" and it goes to add_my_jorunal.php. How do i do this?

[kows]

.. look at how the switch() example works..

[dclamp]

i dont understand it... :/

[kows]

what's not to get?

first of all, you define $thisaction by checking if $_GET['action'] is set, and whether or not it's equal to nothing. if $_GET['action'] exists and isn't empty, you set $thisaction as equal to $_GET['action'], otherwise, you set it to the default action ('main', for example).

next, you switch() $thisaction, allowing you to define different variables for different variable values. if you don't know what switch() is, you should have looked it up in the first place. it simply acts as an if, elseif, else statement, in a basic form. so, if the value is "main," then you set the $inc variable to the filename you want to display for "main," which might be news.php, main.php, or whatever else. you can either append a file extension to it directly, or append the file extension when including a file. after every case, you need to use the break; statement to end that case (ultimately breaking out of the switch() statement), otherwise you will assign the values proceeding that case. quick example if you don't know what I mean:

PHP Code:

<?php
  switch($thisaction){
    case "main":
      $inc = "blah";
    case "somepage":
      $inc = "blah2";
  }
  //$inc will ALWAYS be blah2 because there is no break statement.
  //you use the break statement like so:
  switch($thisaction){
    case "main":
      $inc = "main";
      break;
    case "blah":
      $inc = "some_other_page";
      break;
  }
?>

finally, for switch(), there is the default case. if $thisaction does not get caught by any of your cases, it will get caught by this. it's optional, and should always be the LAST statement. this way, if someone entered index.php?action=ljaklda, then since you didn't define a ljaklda case, it will go to the default case. for example:

PHP Code:

<?php
  switch($thisaction){
    case "main":
      $inc = "news";
      break;
    case "about":
      $inc = "aboutus";
      break;
    default:
      $inc = "error";
  }
?>

you don't need to break out of the default statement because it's the last case.. soooo. this all brings you back to what I first posted:

PHP Code:

<?php
  $thisaction = (isset($_GET['action']) && $_GET['action'] != "") ? $_GET['action'] : "main";
  switch($thisaction){
    case "main":
      $inc = "news";
      break;
    case "about":
      $inc = "aboutus";
      break;
    default:
      $inc = "error";
  }
  require_once('./somepath/' . $inc . '.php');
?>

This way, if someone enters your page without $_GET['action'] being set (ie, they go to yourdomain.com/index.php), then $_GET['action'] doesn't exist, and $thisaction will be set with a value of "main," thus changing $inc to "news," and ultimately giving them /somepath/news.php in the end. if another user enters index.php?action=mainn (maybe a typo of main?), $_GET['action'] will exist, so $thisaction will be equal to "mainn." however, because there is no "mainn" case, the $inc will be "error," thus giving them /somepath/error.php in the end.

make sense? I doubt I can get very much more detailed.

[dclamp]

lol. thank you so much for that. I was looking at another script like that at it seems more confusing. let me post it for ya:

PHP Code:

// Here's the monstrous $_REQUEST['action'] array - $_REQUEST['action'] => array($file, $function).
    $actionArray = array(
        //'ACTION' => array('PAGE.php', 'FUNCTION'),
        'aboutus' => array('about_us.php', ''),
        'address.add' => array('add_address.php', ''), 


and the rest

PHP Code:

// Get the function and file to include - if it's not there, do the board index.
    if (!isset($_REQUEST['action']) || !isset($actionArray[$_REQUEST['action']]))
    {

        // Fall through to the board index then...
        require_once("pages/index.php");
        return 'BoardIndex';
    }

    // Otherwise, it was set - so let's go to that action.
    require_once($sourcedir . '/' . $actionArray[$_REQUEST['action']][0]);
    return $actionArray[$_REQUEST['action']][1]; 


[dclamp]

also... i hope it does not matter, but i just counted, and i have about 600 pages.

[kows]

well, what are you looking for help with what you posted? the method i gave you is much simpler, and gives you what I assume is exactly what you're looking for.. since you haven't asked anything new, I'm not sure what you want anymore, if you even want anymore help? @_@

having 600 different pages doesn't make a huge difference, you will just have to reference each one or build a list automatically or something. I think the simplest and easiest way for this to work is to just have a database with the action names, and then the filenames. this is sort of like what you posted, but not nearly as long code wise, although you will be doing a database query every page.. but that really shouldn't be a problem anyway. basically, though, you could either number your actions (so that someone types ?action=221, instead of action=skfklsjflj) or just keep doing it the way you are. you could build your table also so that each action has an ID (auto_increment I would assume, just for the sake of having it I guess, even if you don't explicitly use it), an actual name, a filename reference, then a category, maybe some more sub categories depending on what you're doing. this way, since you have 600 pages, you could basically build your menu's links based on the current action because you grab other links in that same subcategory, or whatever. then, you just need to include the action's reference filename, if it exists, or return an error page if it doesn't. if the action requested isn't in the database, then you also just return an error page. the theory is simple, and the basis of making it working would also be simple, but depending on how you wanted it set up, well, it could be very complex.. 600 pages is a lot of information, and it isn't like you can just make 600 different links on the same page @_@.

[dclamp]

ok. after all this, i decided that 412 pages is way too many. Windows told me it was only 412. So i am just doing it with the original file name. so ?action=add_something would just add ".php" and require add_something.php

i think this was your first suggestion.

Thanks for all your help. I have another site i am working on as well, and will most likly use the database way and later on in this sites life i will do the database way.

Once again, thanks!!!

[kows]

well, if you're doing it like that, don't use the first switch() example I posted. do something more like this, because if you're just including the filename, you shouldn't waste time assigning a variable over and over if you're not explicitly using it. it's basically the same idea, with some adjustments: (you might have already figured this out, but if you haven't)

PHP Code:

<?php
  $incpath = './includes/';
  $incext = '.inc.php';
  $thisaction = (isset($_GET['action']) && $_GET['action'] != "") ? $_GET['action'] : "main";
  switch($thisaction){
    case "main":
    case "somepage":
    case "someotherpage":
    case "someotherotherpage":
    //case etc.
      $inc = $thisaction;
      break;
    default:
      $inc = "error";
  }
  if(file_exists($incpath . $inc . $incext))
    require_once($incpath . $inc . $incext);
  else
    require_once($incpath . 'error' . $incext);
?>

if you see what I did, this way you don't have to keep assigning the $inc variable over and over. since you're only including the filename, you can still use switch() to validate the pages you want available, but you save time by making it basically all one big long case statement.. if you had 412 includes, it might be 412 cases (which means 412 lines, if you put just one case per line). this is completely UN-NEEDED, but it is useful for easily processing a user's input. if a malicious user tried to include a page you didn't want him to, it wouldn't be on your list of cases, so the $inc would simply return as "error."

never trust a user's input. if you want them to be able to do something, you should only be letting them do that.

edit: oops, I looked and noticed my first example didn't have anything to do with switch(). however, the example above basically just provides more security than the first example, so I would suggest it over the first example.

[visualAd]

It is also a good idea to ensure that the parameter passed in the query string contains no path characters or protocol characters such as ":", ";" "\" and "/". Otherwise the user will be able to type the path of any file on your site and include that.

PHP Code:

if (! preg_match("/^[^;:\/\\\\/]$/", $action)) {
    /* display error page */
}