Convert html to php

I have a layout coded in html and I want to make it in php.

How can I do this?

 

Change the extension to .php

 

change .html/.htm to .php

 

Do you mean convert it over to like a database driven site?

 

That's it???

I mean I only have 1 file thats index.htm
and I wanted to have files like index.php, header.php, footer.php
as I have sidebar so I just wanted to put some includes

 

Yes - then you need a script for that .....

Some thing like this right

http://demo.sundaybrewmedia.com

But your colors and such

 

nope, I just wanted my other pages to be in php like bio.php

and with includes

 

yea - you need a script .....

Or you need to create an index.php and then build includes or templates

 

<?php
//check to see iuf someone trying to php insert


$page = mysql_escape_string(htmlentities(addslashes($page)));
$page = str_replace("http:", "...", $page);
if(!file_exists($page.".php")){ $page=""; $check = 1;}

//include the top of the page
include('top.php');

//include the content
if($check == 1) { echo "Could not include the requested URL."; } else { require_once($page.".php"); }

//include the bottom of the page
include('bottom.php');

PHP:

there you are

 

Best templating tutorial for starters,

http://www.phpfreaks.com/tutorials/8/0.php

 

right...

but i'd suggest using MY code for the actual includes, frankly becuse it s secure.

 

I agree, that was a nice simple snipet

Good job man!

 

Not really, mysql_escape_string could well break some peoples scripts, it's only necessary to call it if your interacting with mysql, and even then it's MUCH preferred to call mysql_real_escape_string as that takes notice of the charset in use and can take a database connection as a reference.

This OP doesn't seem to be using sql and so calling it is totally unecessary and it won't do any good at all, just because you call a lotta functions doesn't make your pages safe ...

<?php
if(!defined("UNSET_PHP")) define("UNSET_PHP", 'home.php');
if(!defined("ROOT_PHP") ) define("ROOT_PHP", '/home/yourusername/www/' );

function _include( $file )
{
	return !file_exists( ROOT_PHP . $file ) ? false : include( ROOT_PHP . $file );	
}

include('top.php');

if( !_include( $_GET['page'] ? urldecode( $_GET['page'] . ".php" ) : UNSET_PHP ) )
	die( "The page you requested is disallowed" );

include('bottom.php');
?>

PHP:

 

Ya - Listen to Joe man, He is one of the best coders on dp,

I personally have used him on many products and scripts and this guy knows his shit...

 

...wow...
that type of coding goes WAY above my level...heh...

waaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaay above...

*steals*

lol

 

actually, that code was given to us by a guy who hacked our site and then stayed arround to help us close some holes. i'll be happy to replace his code any day.

but, if i may ask, what does this do:

if(!defined("ROOT_PHP") ) define("ROOT_PHP", '/home/yourusername/www/' );

PHP:

isn't it defaulted to that anyway?

 

It's so that this line :

return !file_exists( ROOT_PHP . $file ) ? false : include( ROOT_PHP . $file );

only includes files that are in that directory, a file_exists clause alone won't do, there may be files on the system that do exists with a php extension that could have sensitive or private information in, if you're going to give your script the power to include content dictated by the url, you should lock that data down to one directory, and that's how I chose to do it, for instance on servers with no base_dir restrictions, which most don't have, from your code I could include any php files that exist on the server, so if I had an account on that server and far more spare time than I do have, I might turn my attention to writing some xss php to steal the source code of your site by including files in my doc root.

While using the get variables seems like a real good idea, easy to get content in, you should be careful when using it, if you can write some sort of cloak so that the word in the url has nothing in common with the word on disk, and as I said lock down the files you have permission to include to one directory, it may even be a good idea to change it to

<?php
if(!defined("UNSET_PHP")) define("UNSET_PHP", 'home.php');
if(!defined("ROOT_PHP") ) define("ROOT_PHP", '/home/yourusername/www/' );

function _include( $file )
{
    return !file_exists( ROOT_PHP . basename( $file ) ) ? false : include( ROOT_PHP . basename( $file ) );   
}

include('top.php');

if( !_include( $_GET['page'] ? urldecode( $_GET['page'] . ".php" ) : UNSET_PHP ) )
    die( "The page you requested is disallowed" );

include('bottom.php');
?>

PHP:

that's better ..... basename() should also be used to avoid ppl using paths like ../../path/to/file.php to get around the ROOT_PHP thing, wasn't really awake when I wrote that this morning .....

 

I've been trying to execute some PHP scripts in an HTML file and I've tried using the following htaccess codes to no avail;

AddHandler application/x-httpd-php .htm
AddType application/x-httpd-php .html .htm
AddType text/html .php
AddHandler php-script .php .html .htm
AddType application/x-httpd-php .html
AddType application/x-httpd-php .htm

Is there any other htaccess code I could try???

 

you're not trying to include xml content are you ??

AddType application/x-httpd-php .html

alone should work, some builds of apache and or php are built to ignore instructions from htaccess, good way to test is write total nonsense in an htaccess file, you're server should give you an Internal Server Error page if it parses the htaccess, if that does nothing then your server doesn't pay attention to htaccess files.

If you are trying to include some xml content you'll have to think it out again, xml encoding should also start with <? pretty stupid really ......

Also, another thing, are you running in cgi mode or an apache dso ? look in a phpinfo() file near the top, "Server API" if that says cgi then that will cause problems also, post a link to phpinfo() if that is the case so I can have a look see

 

nope - it's all PHP scripts within an HTML file.

I'll try it again. Just to confirm I should place the .htaccess file in the base directory ie public_html/ or www/


EDIT : I feel pretty stupid now. I just checked and one of the links on the test server had pointed me to the live server so I kept refreshing the live servers URL. It's all working fine on the test server.... except for the PHP errors which I'm glad to see.