0

I have one problem with the address bar (in the browser). The homepage url of my website looks like this: http://localhost/Website/index.php

If I write .../Website/home.php it loads the the home.php page. I think it is not safe if anyone can go to any of the webpage they want if know its address. I want to block the automatic url redirection in the address bar. Please anyone help me make so that if someone write the .../home.php address it redirects the browser to index.php as the default page.

Jeff Noel
  • 7,500
  • 4
  • 40
  • 66
Praveenkumar
  • 21
  • 1

8 Answers8

6

The entire concept of the world wide web is that each resource (for example each web page) has a unique resource identifier (address). It is an integral part of how the internet works and you ought to conform to it, rather than avoid it.

Make sure you have a nice big link back to your home page and people will use it if they land on a different page and can't find what they want.

I hope this helps.

Fenton
  • 241,084
  • 71
  • 387
  • 401
2

in short: you cannot do that. As others mentioned, PHP is a server side language that means it cannot control the browser (i.e. preventing someone to change the URL). Read and follow the links in How does PHP work? to get the know the difference between server side and client side languages.

The Wikipeda articles World Wide Web, Uniform Resource Locator (URL) and Web Server could also be interesting for you to get a basic understanding how the WWW works and what it is about the URLs.

But you can control which files can be accessed. There are two ways:

Web server configuration

Most (every?) web server lets you configure rules to control which files should be accessible (aka access control). Her is an example how to do it with the Apache web server.

PHP: Front Controller

You can also do this with PHP directly (and a little web server configuration). The magic keyword her is the Front Controller pattern. This is e.g. a class that acts as a single point of entry to your application. This means that every request e.g. to

 http://localhost/Website/home.php

or 

http://localhost/Website/foo/bar.php

is redirected (forwarded, however you want to name it) to and processed by

 http://localhost/Website/index.php

So in the end you can and have to decide which content the user gets to see if he tries to access a certain URL.
This gives you more control over the (look of) URLs but you have to put more effort into it to configure it.

If you are interested in how this works, I suggest to have a look at the Zend Framework which implements this pattern.

Open question...

Although you can do this, the question is whether you have to do it. If you don't want home.php to be accessible, why do you put it on your web server in the first place?

Or maybe you have a wrong picture of the structure of a website in your head. A single website consists of multiple pages (most times), e.g.

index.php   // is the main page
about.php   // is about the site or you
news.php    // contains the latest news you provide
archive.php // older news or articles
...

It is even wanted that a user / visitor can access these pages directly by entering the URL into the address bar or via a bookmark. This is how a website or the WWW works.

Community
  • 1
  • 1
Felix Kling
  • 795,719
  • 175
  • 1,089
  • 1,143
1

PHP cannot do that; it is a server-side technology and so can't modify the browser's behavior. Simply don't put any other files in the directory and the browser will inform the user that no such file exists when they try to navigate to it.

Ignacio Vazquez-Abrams
  • 776,304
  • 153
  • 1,341
  • 1,358
1

You can get this result even without frames. If you use javascript and ajax to dynamically load your content your url won't change.

While I never recommend this for googles sake this would be the most nice way of doing it and still work fine with PHP

RJD22
  • 10,230
  • 3
  • 28
  • 35
0

I would take Sohnee advice, but if you really want to you could create the illusion by using HTML frames.

Alix Axel
  • 151,645
  • 95
  • 393
  • 500
0

I agree with the answers posted recently.

But if you do not need HTML you can go into FLASH or Java Applet, once those are loaded, your URLs no longer changes.

Pentium10
  • 204,586
  • 122
  • 423
  • 502
0

Use the old and good FRAMES!! Then the address won't change.

<frameset rows="0,*" frameborder="0" framespacing="0" border="0">
    <frame name="nothing" src="about:blank" marginwidth="0" marginheight="0" scrolling="no" frameborder="0" framespacing="0">

    <frame name="everything" src="http://localhost/Website/index.php" marginwidth="0" marginheight="0" scrolling="auto" frameborder="0" framespacing="0">
</frameset>
Heitor
  • 683
  • 2
  • 12
  • 26
-2

Weird thing to want to do but a simple way (and not good for anything but small sites) is to use Header(LOcation: xxxx).

Paul
  • 1
  • 1
  • This does not answer the question, which is asking how to prevent users from changing the url shown into the address bar. – Jeff Noel Aug 15 '12 at 20:18