Page 1 of 2

html to php

Posted: Mon Sep 03, 2007 9:00 pm
by asif_phpdn
Can I convert any html file to php?

Posted: Mon Sep 03, 2007 9:04 pm
by Zoxive
Convert Html to PHP?

Code: Select all

$html = file_get_contents('htmlfile.html');
///
$html = '<div>This is Html</div>';
///
?>
<div>This is Html</div>
<?php
///
??

Posted: Mon Sep 03, 2007 9:12 pm
by s.dot
Yes. Just change the extension from .html to .php ;)

Posted: Mon Sep 03, 2007 9:48 pm
by califdon
scottayy wrote:Yes. Just change the extension from .html to .php ;)
That's the right answer! It's rather pointless to "convert" HTML to PHP unless you are going to use PHP to pre-process something, though. The web server will just parse it, find no PHP code and deliver it to the requesting browser.

Posted: Tue Sep 04, 2007 5:09 am
by Rovas
Just put

Code: Select all

<?php
echo 'content of file' 
//or 
print ''
?>

Posted: Wed Sep 05, 2007 11:42 am
by asif_phpdn
Rovas wrote:Just put

Code: Select all

<?php
echo 'content of file' 
//or 
print ''
?>
Then just put the html code in echo and that brings php from html???

Posted: Wed Sep 05, 2007 11:47 am
by hawleyjr

Posted: Wed Sep 05, 2007 11:51 am
by RobertGonzalez
If the HTML pages are not going to have any PHP in them do not just name them PHP. They will go through the parser, be read, then returned to the user agent through the web server. If the pages are going to stay static, let the server serve them directly. It will be faster and better overall.

Posted: Wed Sep 05, 2007 1:31 pm
by VladSun
scottayy wrote:Yes. Just change the extension from .html to .php ;)
It is far better and useful to change it to .phps... It needs this directive in Apache config file:

Code: Select all

AddType application/x-httpd-php-source .phps

Posted: Wed Sep 05, 2007 1:50 pm
by RobertGonzalez
VladSun wrote:It is far better and useful to change it to .phps... It needs this directive in Apache config file:

Code: Select all

AddType application/x-httpd-php-source .phps
NEVER DO THIS ON PRODUCTION SERVERS. THIS IS A SECURITY RISK AND A BAD RECOMMENDATION.

Exposing the PHP code behind your pages is a bad move. This directive should never be set in production environments.

Posted: Wed Sep 05, 2007 1:54 pm
by VladSun
Everah wrote:
VladSun wrote:It is far better and useful to change it to .phps... It needs this directive in Apache config file:

Code: Select all

AddType application/x-httpd-php-source .phps
NEVER DO THIS ON PRODUCTION SERVERS. THIS IS A SECURITY RISK AND A BAD RECOMMENDATION.

Exposing the PHP code behind your pages is a bad move. This directive should never be set in production environments.
Ooops, my mistake - I read the topic as "Convert PHP to HTML", i.e. show PHP code as HTML :)

But ... one should never say "never" ;)
What about having a PHP example on a production server ;) Using .phps is the easiest and elegant way to view syntax colored PHP source :)

Posted: Wed Sep 05, 2007 2:03 pm
by RobertGonzalez
highlight_file(), without making changes to your server settings.

Posted: Wed Sep 05, 2007 4:02 pm
by VladSun
@Everah
I can't agree with you.
Suppose, I have *.phps files on a server. With or without this directive the source will be exposed - do you agree? So, using this directive doesn't involve any security risks.
It's the same case as with *.inc.php files - the shouldn't be named *.inc, but nobody says "DON'T USE EVIL INCLUDE() FUNCTION!"
Your post is a little bit of FUD ;)

Posted: Wed Sep 05, 2007 4:12 pm
by RobertGonzalez
VladSun wrote:Suppose, I have *.phps files on a server. With or without this directive the source will be exposed - do you agree? So, using this directive doesn't involve any security risks.
Not sure I understand what you are asking here. If the server does not know what to do with a .phps file extension, it will show a .phps file as plain text. However, you do not put .phps files on the server, you put .php files on the server, so the server, not knowing what to do with a .phps file looks for it, cannot find it, and returns a 404.
VladSun wrote:It's the same case as with *.inc.php files - the shouldn't be named *.inc, but nobody says "DON'T USE EVIL INCLUDE() FUNCTION!"
I agree that naming a php file .inc is stupid. For that, you could name it .txt and have the same protection. I am not sure what this has to do with the include function though.

If you want people to be able to see the source of your application code, by all means go ahead and turn that feature on for your servers. But offering the advice to people here to open up their code on their servers is irresponsible. It is a security risk. Everything that is in a PHP file becomes exposed if the .phps directive is turned on.

Posted: Wed Sep 05, 2007 4:19 pm
by VladSun
They can't see it if it is *.php file... They would be able to see it if it is *.phps file (thats the analogy with *.inc and *.inc.php). So where is the security issue?
One need to rename a .php file to .phps file to make this directive applied. That's why having this directive turned on is not a security issue.