Page 1 of 1

Unable to get file from GET request

Posted: Fri Aug 27, 2004 4:38 am
by bianster
I have this code that will retrieve HTML files from a common folder, some checks are perfomed to ensure that only certain directories and files are allowed to be included in the main index.php file.

What's happening now is that after I've added some new HTML files into the common folder and I "attempt" to load those new files, I would get a FILE NOT FOUND error.

I've adjusted the acceptable pages array and made sure that the files are indeed in the correct directories but no luck....

Code: Select all

<?php 
$acceptable_pages = array( 
'index',
'view',
'post',
'registerbuyer',
'registerseller',
'search',
'stories',
'form',
'submitted',
'cafe',
'playroom',
'theatre',
'artloft',
'servicearea',
'internetstations',
'workbays',
'news40',
's60',
's60r',
's80',
'v50',
'v70',
'c70',
'xc70',
'xc90',
'exteriorcarcare',
'interiorcarcare',
'batterycare',
'engineoil',
'coolantmixture',
'wipermaintenance',
'bookaservice',
'bookaserviceform',
'bookaservicesubmitted',
'servicepromotions',
'servicepromotions01',
'servicepromotions02',
'xmas2003',
'eve1',
'clothing',
'accessories',
'stationery',
'gifts',
'sportsleisure',
'scalemodels',
'volvooceanrace',
'wallpapersnews40',
'wallpaperss60',
'wallpaperss80',
'wallpapersv50',
'wallpapersv70',
'wallpapersc70',
'wallpapersxc70',
'wallpapersxc90',
'commercials',
'commercial01',
'commercial02',
'commercial03',
'films',
'pda',
'15k',
'30k',
'45k',
'60k',
'75k',
'90k',
'105k',
'120k',
'135k',
'150k',
'165k',
'180k',
'195k',
'210k',
'225k',
'240k',
'255k',
'270k',
'285k',
'300k',
'termsandconditions'
);

$acceptable_subdirs = array( 
'index',
'aboutsmmotors',
'companylocation',
'facilities',
'salesconsultants',
'serviceconsultants',
'careers',
'carguide',
'safetytips',
'aftersalesservice',
'maintenanceservice',
'carreviews',
'whatcustomerssay',
'rental',
'lifestylemerchandise',
'preownedvolvos',
'events',
'survivorsclub',
'messageboard',
'contests',
'downloads',
'sendecard',
'subscribe'
);

$acceptable_dirs = array( 
'home',
'smmotors',
'volvo',
'forlife',
'sitemap',
'contactus',
'privacypolicy',
'recommend'
);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">

<head>
<script language="javascript"> 

 if (screen.width > 800 || screen.height > 600) 
 {document.write('<link rel="stylesheet" type="text/css" media="screen, projection" href="/css/screenNormal.css" />');} 
  else {document.write('<link rel="stylesheet" type="text/css" media="screen, projection" href="/css/screen800.css" />');} 

</script>
	<noscript>
	<link rel="stylesheet" type="text/css" media="screen, projection" href="/css/screenNormal.css" />        	
	</noscript>
	<link rel="stylesheet" type="text/css" media="print" href="/css/print.css" />        
	<style type="text/css" media="screen">
	<!--
	/* IE/Mac Only Styles
	----------------------------------------------- */
	/*\*//*/
	  @import "/css/screenNormal.css";
	/**/
	-->
	</style>
	<?php /**/
	$subdir = $_REQUEST[ 'subdir' ]; 
	
	if ($subdir=="aftersalesservice" or "downloads") echo "<script type="text/javascript" src="/js/nav.js"></script>"; 
	
	?>


</head>

<body <?php $dir = $_REQUEST[ 'dir' ]; if ( in_array( $dir, $acceptable_dirs ) ) { print "id="$dir""; } else { print "id="404""; } ?>>

<div id="wrapper">

<div id="header">
	<h1>
	<a href="/" title="title"><span>link text</span></a>

	<img id="logo" src="/images/logo.gif" width="153" height="21" alt="Logo" />
	</h1>
</div>

<?php
$subdir = $_REQUEST[ 'subdir' ]; 
?>
<div class="reset"><!-- --></div>

<div id="maincontent">
	<div id="maincontent2">

		<div id="realcontent">
<?php /**/
foreach($_REQUEST as $key => $val){
	echo "$key => $val\n";
}
$dir = $_REQUEST[ 'dir' ]; 
$subdir = $_REQUEST[ 'subdir' ]; 
$page = $_REQUEST[ 'page' ]; 
if ( in_array( $page, $acceptable_pages ) && in_array( $subdir, $acceptable_subdirs ) && in_array( $dir, $acceptable_dirs ) ) 
{
@require_once($_SERVER["DOCUMENT_ROOT"]. "/includes/$dir/$subdir/$page.html");
}
else 

{
@require_once($_SERVER["DOCUMENT_ROOT"]. "/includes/404.php");
}
?>
		
		</div>
<div class="reset"><!-- --></div>

	</div>
</div>

</div>

</body>
</html>

?>

Posted: Fri Aug 27, 2004 6:56 am
by Buddha443556
You need to use POST method to upload files. Use the superglobal $_FILES to access the file and other info.

(There's also the PUT method but I ain't going there. :) )

Posted: Fri Aug 27, 2004 10:17 am
by feyd
what does this have to do with uploading, Buddha? :?

Code: Select all

if ($subdir=="aftersalesservice" or "downloads")
logic error.. I think that's always true.

so you're saying the 404.php page is getting included instead of the pages? could you post an example url that doesn't work? I'd guess that you have a case variance in the url maybe. :?

If the 404 page isn't the one being included, and if the server is a *nix based one, make sure there aren't any case variances with the names stored in your arrays, as the server is case-sensitive.