Posted by laredotornado@zipmail.com on 10/27/06 14:34

You have been so helpful. I must trouble you with one more question.
You had these lines in your accesscontrol.php file

$path = parse_url($_GET['file'],PHP_URL_PATH);
$file = dirname(__FILE__).'/'.$fake_url['path'];

But I'm getting the following errors ...

Notice: Use of undefined constant PHP_URL_PATH - assumed 'PHP_URL_PATH'
in /usr/local/apache2/htdocs/refillingstation/admin/accesscontrol.php
on line 14

Warning: parse_url() expects exactly 1 parameter, 2 given in
/usr/local/apache2/htdocs/refillingstation/admin/accesscontrol.php on
line 14

Notice: Undefined variable: fake_url in
/usr/local/apache2/htdocs/refillingstation/admin/accesscontrol.php on
line 15


What was the intent of what you were trying to do here?

Thanks, - Dave


Rik wrote:
> laredotornado@zipmail.com wrote:
> > If data is POSTed to a PHP page (say form_response.php) and the
> > request
> > is first intercepted by accesscontrol.php, if I determine that the
> > user
> > is logged in and then have a line
> >
> > include($requested_file) (as I believe was in your example)
> >
> > will the POSTed request still be in tact for processing by
> > form_response.php?
>
>
> Well, I simple test could have told you that, but yes, it will be available
> (contrary to redirects done with header('Location: etc..');, this
> redirection is done internally in the webserver and will make the POST (and
> COOKIE & FILES) available to the script).
>
> Be sure though, that the file that is requested is indeed one of your
> locally hosted trusted files.
> --
> Rik Wasmus

[Back to original message]