0

I have this simple method which checks if a url is for part of my admin area.

protected function is_admin_url ( $url ) {
    $parts = parse_url( $url );
    if ( !empty($parts['path']) ) {
        $steps = explode('/', $parts['path']);
        if ( $steps[1] == $this->slug ) // $steps[0] will always be empty
            return true;
    }
    return false;
}

It should return true for any url in the form http://example.com/slug/foo?bar=baz The problem I'm having is that while developing on my local machine (using WAMP) all urls are in the form http://localhost/example.com/slug/foo?bar=baz. This of course breaks the method since the domain is now part of the path.

Hard coding the array index is bound to lead to bugs. Is there any conditional statement I can add in to handle this?

I should also note, this is part of a plugin for WordPress. The site url is not known.

Twifty
  • 3,267
  • 1
  • 29
  • 54

3 Answers3

1

You can check if there is a dot in $steps[1] or just check if you are working in a local environment:

protected function is_admin_url ( $url ) {
    $parts = parse_url( $url );
    if ( !empty($parts['path']) ) {
        $steps = explode('/', $parts['path']);
        $slug = $steps[1];
        if (strpos($steps[1], '.')) $slug = $steps[2];
        if ( $slug == $this->slug )
            return true;
    }
    return false;
}

or

protected function is_admin_url ( $url ) {
    $parts = parse_url( $url );
    if ( !empty($parts['path']) ) {
        $steps = explode('/', $parts['path']);
        $slug = $steps[1];
        if ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') $slug = $steps[2];
        if ( $slug == $this->slug )
            return true;
    }
    return false;
}
evuez
  • 3,257
  • 4
  • 29
  • 44
  • The dot method works in theory but my slug is a settable parameter. I believe dots are allowed in folder names, making this approach problematic. I shouldn't trust the value of REMOTE_ADDR. – Twifty Nov 26 '13 at 09:11
  • Because it can return anything. How about "::1" or the servers online IP. Sure I can configure to use my machines setting, but coding on another machine may give a wrong result. – Twifty Nov 26 '13 at 09:15
  • I don't think you would run into much trouble using it, anyway, if you want something else try with `$_SERVER['SERVER_NAME'] === "localhost"`. Also, about REMOTE_ADDR: http://stackoverflow.com/a/4773981/653378 – evuez Nov 26 '13 at 09:16
  • I've accepted your answer for the dot method. I can simply impose a restriction on the setting of the slug. It sure beats messing around with REMOTE_ADDR – Twifty Nov 26 '13 at 09:34
0

Just check the part between the most recent /s

protected function is_admin_url ( $url ) {
    $pFile = strrpos($url, '/');
    $pFolder = strrpos($url, '/', $pFile-1);
    if (($pFile === false) or ($pFolder === false)) {
        return false;
    }
    $folder = substr($url, $pFolder+1, $pFile-$pFolder-1);
    return ($folder == $this->slug);
}

BurninLeo

BurninLeo
  • 4,240
  • 4
  • 39
  • 56
  • Doesn't work with urls like `http://localhost/example.com/slug/foo/?bar=baz` or multiple folders – Twifty Nov 26 '13 at 09:00
  • I think that you task is not adequately defined. What should the method accept as "admin URL" and what not? Is a "slug" anywhere in the URL sufficient? Or should it rather check all possible admin folders to avoid false positives? – BurninLeo Nov 26 '13 at 09:04
  • The slug will always be the first folder – Twifty Nov 26 '13 at 09:05
  • No. Your localhost example just proved that it will not. – BurninLeo Nov 26 '13 at 09:06
  • And that's why I wrote this question. – Twifty Nov 26 '13 at 09:12
  • So ... define your task correctly, and the solution will follow :) If the folder can be on position 1 *or* 2 depending on the domain, this would be something you can check. – BurninLeo Nov 26 '13 at 09:39
0

Maybe you can use a Check with $_SERVER['REMOTE_ADDR']=='127.0.0.1' for detect if is development environment or put in global config a variable $local = true and use inside function is_admin_url.

linkamp
  • 215
  • 2
  • 5
  • http://stackoverflow.com/questions/4262081/serverremote-addr-gives-server-ip-rather-than-visitor-ip REMOTE_ADDR cannot be trusted – Twifty Nov 26 '13 at 09:06