| Re: Using a single php entry file for a whole site. [message #181870 is a reply to message #181866] |
Thu, 20 June 2013 20:13   |
Jerry Stuckle
Messages: 2598
Registered: September 2010
Karma:
|
Senior Member |
|
|
On 6/20/2013 3:38 PM, Marc van Lieshout wrote:
> On 20-06-13 21:29, Marc van Lieshout wrote:
>> On 20-06-13 19:22, The Natural Philosopher wrote:
>>>
>>> What I would like to do, is the following.
>>>
>>> ALL request to a site are redirected by apache rules to one single file.
>>> Let's call it index.php.
>>> Index.php notes the URL the user wants and looks it up in a database,
>>> and if it exists, includes() the actual PHP file for that page.
>>> If it doesn't exist, a standard 'sorry, you are looking for a page that
>>> doesn't exist' is returned, if possible with the correct error code in
>>> the headers?
>>> The php files themselves apart from index.php do NOT live under the web
>>> root. They might in fact live in the database. But that's stage 2.
>>>
>>> Is this possible, and if so what if any are the downsides?
>>>
>>> It seems to me that a user or robot level scrape of the site would not
>>> show anything of its true internal structure. But still show all the
>>> paths through it.
>>>
>>> What I want to do is have stuff like
>>>
>>> http:/mysite.com/news/Dog-Bites-Man
>>>
>>> redirect to say
>>>
>>> /var/private/newspage.php?id=3041
>>>
>>> where there exists a mysql table with a name value pair of
>>>
>>> news/Dog-Bites-Man: /var/private/newspage.php?id=3041
>>> or
>>> menu/Contact-the-webmaster: /var/private/contact.php?target=webmaster
>>>
>>> and so on.
>>>
>>> And possible a field for keywords to search the site with.
>>>
>>
>> That looks indeed like a small framework. Some remarks:
>>
>> 1. You don't need apache rewriting you can use $_SERVER['PATH_INFO'] and
>> use url's like:
>>
>> http:/mysite.com/index.php/news/Dog-Bites-Man
>>
>> or a page controller:
>>
>> http:/mysite.com/index.php?site=%2Fnews%2FDog-Bites-Man
>>
>>
>> 2. For the sake of security, put the part that accesses the DB outside
>> of index.php. It contains an uid and a password.
>>
>>
>> The scheme will be like this:
>>
>> in index.php:
>> include "/path/ouside/webroot/dispatcher.php"
>>
>> in dispatcher.php:
>> $conn = new PDO(....);
>> $stmnt = $conn->prepare(
>> 'SELECT target from dispatch WHERE source = :src');
>> $stmnt->execute(':src' => $_SERVER['PATH_INFO']);
>> $row = $stmnt->fetch(PDO::FETCH_ASSOC);
>>
>> if ($row === false)
>> // dispatch to 404
>> ;
>> else
>> include('/path/outside/webroot/' . $row['target']);
>>
>>
>> That's all.
>>
>
> A simple addition:
>
> You can get rid of the boring <html><head></head> ... stuff by changing
> the above setup like:
>
> ob_start();
> if ($row === false)
> // dispatch to 404
> ;
> else
> include('/path/outside/webroot/' . $row['target']);
> $contents = ob_get_clean();
> include "mytemplate.php"
>
>
> Where mytemplate can put an <?php echo $contents; ?> in the right place.
> All major frameworks use this trick.
>
What is the need for the ob_start()? Unless you have a very good reason
for needing it, using it is poor programming.
For instance, if you're just using it to bypass the "Headers already
sent" message, you have a problem in your design.
--
==================
Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.
jstucklex(at)attglobal(dot)net
==================
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]