| Re: Using a single php entry file for a whole site. [message #181876 is a reply to message #181870] |
Thu, 20 June 2013 22:33   |
Marc van Lieshout
Messages: 10
Registered: March 2011
Karma:
|
Junior Member |
|
|
On 20-06-13 22:13, Jerry Stuckle wrote:
> On 6/20/2013 3:38 PM, Marc van Lieshout wrote:
>> On 20-06-13 21:29, Marc van Lieshout wrote:
>>> On 20-06-13 19:22, The Natural Philosopher wrote:
>>>>
>>>> What I would like to do, is the following.
>>>>
>>>> ALL request to a site are redirected by apache rules to one single
>>>> file.
>>>> Let's call it index.php.
>>>> Index.php notes the URL the user wants and looks it up in a database,
>>>> and if it exists, includes() the actual PHP file for that page.
>>>> If it doesn't exist, a standard 'sorry, you are looking for a page that
>>>> doesn't exist' is returned, if possible with the correct error code in
>>>> the headers?
>>>> The php files themselves apart from index.php do NOT live under the web
>>>> root. They might in fact live in the database. But that's stage 2.
>>>>
>>>> Is this possible, and if so what if any are the downsides?
>>>>
>>>> It seems to me that a user or robot level scrape of the site would not
>>>> show anything of its true internal structure. But still show all the
>>>> paths through it.
>>>>
>>>> What I want to do is have stuff like
>>>>
>>>> http:/mysite.com/news/Dog-Bites-Man
>>>>
>>>> redirect to say
>>>>
>>>> /var/private/newspage.php?id=3041
>>>>
>>>> where there exists a mysql table with a name value pair of
>>>>
>>>> news/Dog-Bites-Man: /var/private/newspage.php?id=3041
>>>> or
>>>> menu/Contact-the-webmaster: /var/private/contact.php?target=webmaster
>>>>
>>>> and so on.
>>>>
>>>> And possible a field for keywords to search the site with.
>>>>
>>>
>>> That looks indeed like a small framework. Some remarks:
>>>
>>> 1. You don't need apache rewriting you can use $_SERVER['PATH_INFO'] and
>>> use url's like:
>>>
>>> http:/mysite.com/index.php/news/Dog-Bites-Man
>>>
>>> or a page controller:
>>>
>>> http:/mysite.com/index.php?site=%2Fnews%2FDog-Bites-Man
>>>
>>>
>>> 2. For the sake of security, put the part that accesses the DB outside
>>> of index.php. It contains an uid and a password.
>>>
>>>
>>> The scheme will be like this:
>>>
>>> in index.php:
>>> include "/path/ouside/webroot/dispatcher.php"
>>>
>>> in dispatcher.php:
>>> $conn = new PDO(....);
>>> $stmnt = $conn->prepare(
>>> 'SELECT target from dispatch WHERE source = :src');
>>> $stmnt->execute(':src' => $_SERVER['PATH_INFO']);
>>> $row = $stmnt->fetch(PDO::FETCH_ASSOC);
>>>
>>> if ($row === false)
>>> // dispatch to 404
>>> ;
>>> else
>>> include('/path/outside/webroot/' . $row['target']);
>>>
>>>
>>> That's all.
>>>
>>
>> A simple addition:
>>
>> You can get rid of the boring <html><head></head> ... stuff by changing
>> the above setup like:
>>
>> ob_start();
>> if ($row === false)
>> // dispatch to 404
>> ;
>> else
>> include('/path/outside/webroot/' . $row['target']);
>> $contents = ob_get_clean();
>> include "mytemplate.php"
>>
>>
>> Where mytemplate can put an <?php echo $contents; ?> in the right place.
>> All major frameworks use this trick.
>>
>
> What is the need for the ob_start()? Unless you have a very good reason
> for needing it, using it is poor programming.
>
> For instance, if you're just using it to bypass the "Headers already
> sent" message, you have a problem in your design.
>
Why is using ob_start() poor programming?
The pair ob_start/ob_get_clean captures the contents of the page in the
$contents variable. Your template would look something like:
<html>
<head>
... stuff that is the same for every page ...
</head>
<body>
... layout stuff ...
<div class="contents">
<?php echo $contents; ?>
</div>
...
</body>
</html>
If you do it this way, you don't have to repeat this stuff in every
actual page.
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]