How to hide id in link url [duplicate] - javascript

This question already has answers here:
Reference: mod_rewrite, URL rewriting and "pretty links" explained
(5 answers)
Closed 21 days ago.
here is my php code
if(isset($_GET['id']))
{
$the_request_id = htmlspecialchars($_GET['id']);
$res = $mysqli->query("SELECT * FROM request where request_id = '{$the_request_id}'");
here is the button to opon this
<td>Items Info</span></td>';
and this is the link where my id show when i click Itme Info button and i like to hide can you help
https://example.com/request?id=1
all i need is to hide ID numbers thank you

Best solution is to use encryption :
step one
client html
encode($row['request_id']))
step two
server
if(isset($_GET['id']))
{
$the_request_id =htmlspecialchars(decode($_GET['id']));

You can change the .htaccess file for Server using Apache
##Options +FollowSymLinks
RewriteEngine On
RewriteRule ^request/([0-9]+)/$ ?request&sid=$1
This .htaccess file should be in root folder of the web application
Restart the Apache as required Reference

Related

What do I need to add to my .htaccess file so that I can get pretty URLs? [duplicate]

This question already has answers here:
Reference: mod_rewrite, URL rewriting and "pretty links" explained
(5 answers)
Closed 4 years ago.
What do I need to add to my .htaccess file so that I can get pretty URLs?
Currently, I have this two-line of code in my .htaccess file
Options +Multiviews
DefaultType applications/x-httpd-php
RewriteCond %{REQUEST_FILENAME}.php !-f
RewriteCond %{REQUEST_FILENAME}.php !-d
RewriteRule ^(.*)$ index.php?url=$1
RewriteRule ^single-blog/([0-9]+) single-blog?id=$1
Well, this code allows me stay in the page single-blog but, I am fetching data with the same id that I receive from URL.
My function to receive data from the id received from URL is like this:
function getSingleRow($table, $row_id){
global $conn;
$sql = "SELECT * FROM ".$table." WHERE id = ".$row_id;
$query = mysqli_query($conn, $sql);
if(mysqli_num_rows($query) <= 0){
return false;
} else {
$data = mysqli_fetch_assoc($query);
return $data;
}
}
So, when I used the single-blog/12 as URL the page throws multiple errors.
Simply you can store slug as a unique key and query by the slug.

How to redirect page to a URL without hash (#) in PHP? [duplicate]

This question already has answers here:
redirect is keeping hash
(2 answers)
Closed 5 years ago.
Preface:
I am at following address:
http://www.example.com/#contact
After successful contact form submission, the user is redirected to following address:
http://www.example.com/thanks
With the help of following code:
// Redirect to thank you page
redirect_to("thanks");
The function redirect_to() is defined as:
// Page redirection
function redirect_to($url)
{
if(isset($url) && $url != '')
{
header("Location: " . $url);
exit();
}
}
The htaccess rules for the thanks page are:
# Thanks Page
RewriteRule ^thanks/?$ thanks.php [QSA,L]
#RewriteRule ^thanks/$ thanks.php [QSA,L]
Problem:
The issue is the hash (#) character i.e. the fragment part is still sticking with the URL like:
http://www.example.com/thanks#contact
How does the part #contact get stick with main URL if I am redirecting the page to thanks?
How can we exclude/drop it either by htaccess or PHP or even through JS?
This question is asked before.
redirect is keeping hash
The response marked as the answer was:
The simple answer to "how do I stop it" is to specify an empty hash in the Location header:
header('Location: /account.html#');
However, this behavior isn't guaranteed across the board. It seems to work in WebKit and IE9 in my quick test. Nevertheless, you've stumbled on a black hole in the HTTP specification.

POST in Javascript and redirect for file download

I've read many articles in this site or other sites (Redirect with POST to application/csv without form, jQuery.post(), PHP and redirects, ... ) but without any valuable solutions.
My problem is the following :
in my site (html5, JQuery), there is a table. A feature of the site
is to export the table as a csv file which will be available for
download,
This feature is implemented as follow :
2.1 a javascript is called which extracts the data of the table,
2.2 this JS redirect to a php service and pass as arguments the datas. The code is the
following :
var url= jmcnet.request.getOrigin()+'/commons/php/dt_csv_export.php' ;
location.href = url+"?action=generate&csv_type=export_task&csv_data=" +encodeURIComponent(csv);
2.3 The php script format the input (csv_data parameter), write a temporay file and returns the content of the temporary file. The code is the following :
$h = #fopen($csv_file_name, 'w');
fputcsv($h, $csv_row, ',', '"');
fclose($h);
// export file content to JS
header('Content-Encoding: UTF-8');
header('Content-Type: text/ csv; charset =UTF-8');
header('Content-Disposition: attachment; filename=export-table.csv');
header(' Pragma: no-cache');
echo "\xEF\xBB\xBF"; // UTF-8 BOM
readfile($csv_file_name);
2.4 The php file delete (unlink) the temporary file and exit,
My problem is that when the table is long, the URL called is not valid and the JS call to Php is down.
So, I imagine the 3 following solutions but no one is evident and all leads to other problems :
S1 : dont do a GET but a POST in JS. So the size of the csv_data
doesn't matter anymore. The problem is that I will have the content
of the csv file in JS var after the call succeed and I don't know or
find how to redirect to a page which content is in a JS var ? I
guess I will lose all header information doing this.
S2 : compress in JS the csv_data parameter and decompress it in Php.
I just don't know how to do that and if it possible ....
S3 : call the php with a POST. Modify the Php to return the URL of
the temporary file, and do a redirect in JS to this temporay URL.
The problems are that my Php must generate a file into a dir
directly visible on the Internet, the file name must be unique and
there is no way to simply delete the file after it has been read by
browser (and I hate cron or what else).
I'm sure I'm not the first one to have this problem, so I need your help to see what is the best practice for this problem.
I think you may be over-complicating this just a bit. There is no need for all of the JS redirect stuff, you can just point your forms action attribute to your csv_export php code and use POST to send your data.
if needed, you can modify the max size of a post request by editing the post_max_size option in your php.ini. heres what mine looks like:
; Maximum size of POST data that PHP will accept.
; Its value may be 0 to disable the limit. It is ignored if POST data reading
; is disabled through enable_post_data_reading.
; http://php.net/post-max-size
post_max_size = 8M
as for writing to a temporary file, php has built in I/O streams to handle that. for your purposes you'll probably want to use php://memory or php://temp (more info on those here: http://www.php.net/manual/en/wrappers.php.php)
so you can do something like this:
SAMPLE HTML:
<html>
<head>
<!-- include jquery because you say you are using it -->
<script src="//code.jquery.com/jquery-1.10.2.min.js"></script>
<script>
//just a dummy function to represent your js to extract csv data from a table
function extract_table_data(){
var csv = "field1,field2,field3\n\
value1,value2,value3\n\
value4,value5,value5";
return csv;
}
$( document ).ready(function() {
//export link click handler
$('#export_link').click(function() {
$('#csv_data').val(extract_table_data());
$('#theform').submit();
});
});
</script>
</head>
<body>
<a id='export_link'>Export CSV</a>
<form id='theform' method='post' action='dropcsv.php'>
<input type='hidden' name='csv_data' id='csv_data'/>
</form>
</body>
</html>
dropcsv.php
//filename for our csv attachment
$export_filename = 'thefile.csv';
//grab csv data
$csv_data = $_POST['csv_data'];
//open file in memory
$f = fopen('php://memory', 'w'); //use php://temp if you want a tmp file instead
//load up csv file
fwrite($f, $csv_data);
// go back to the beginning of the file
fseek($f, 0);
header('Content-Type: application/csv');
header('Content-Disposition: attachement; filename="'.$export_filename.'"');
fpassthru($f);
fclose($f);
of course don't forget to add your error checking and sanitize the input.

Redirect To A Url With Header Information Javascript [duplicate]

This question already has an answer here:
Closed 10 years ago.
Possible Duplicate:
Javascript redirect with headers or session id
How do I add header information in a redirect with javascript..
I redirect like this I think (not sure)..
window.location.replace('https://anotherWebSite.com');
No I wanna add header information to it containing a userID="whatever" so when the redirect happens it will be available to anotherWebsite.com through this code for example..
NameValueCollection headers = base.Request.Headers;
for (int i = 0; i < headers.Count; i++)
{
if (headers.GetKey(i).Equals("userID"))
{
_myID = headers.Get(i);
}
}
I'm not aware of any way to attach response headers to a JavaScript redirect, but you could append the data to the querystring:
window.location.replace('https://anotherWebSite.com?user=[USERNAME]');

How to pick the title of a remote webpage [duplicate]

This question already has answers here:
How can I get the title of a webpage given the url (an external url) using JQuery/JS
(3 answers)
How to get the content of a remote page with JavaScript?
(6 answers)
Closed 2 years ago.
How I can read the title of a remote web page with javascript? Suppose the web page is:
www.google.com
I want to read the title of that page; how should I do this?
You won't be able to get this data with jQuery alone, however you can use jQuery to communicate with PHP, or some other server-side language that can do the heavy lifting for you. For instance, suppose we have the following in a PHP script on our server:
<?php # getTitle.php
if ( $_POST["url"] ) {
$doc = new DOMDocument();
#$doc->loadHTML( file_get_contents( $_POST["url"] ) );
$xpt = new DOMXPath( $doc );
$output = $xpt->query("//title")->item(0)->nodeValue;
} else {
$output = "URL not provided";
}
echo $output;
?>
With this, we could have the following jQuery:
$.post("getTitle.php", { url:'http://example.com' }, function( data ) {
alert(data);
});
Getting the content of a remote page you have no control over is going to be a problem because of the same-origin-policy. For more information look here: How to get the content of a remote page with JavaScript?
Try this
alert(document.title);
in your case i guess you would only be using the document.title
The effective method is to write some Server side code (using PHP/ASP/.NET) and pass the URL via AJAX in script and get the title of any remote page.

Categories

Resources