Welcome to Geeklog, Anonymous Tuesday, January 31 2023 @ 02:11 pm EST

Geeklog Forums

Using include_once in header.thtml


Status: offline

Treesong

Forum User
Newbie
Registered: 11/21/05
Posts: 9
I've created a very simple and half-cool hack in my theme that turns the content portion of header into an editable Static Page.

Basically, I found the table in header.thtml that held the contents, cut it out, replaced it with something like:

Text Formatted Code
<?php include_once "http://mysite.org/path/to/staticpage/index.php?page=header"; ?>
 


Then, I created a static page with the id "header" and pasted the cut table from header.thtml.

I was pleased to see that this worked! Now, any user I choose to authorize to edit Static Pages can edit the Header -- and potentially the Footer, and maybe even any other layout component that I am wacky enough to open up to user editing.

There is, however, one shortcoming. For some reason, anything that is put into header.thtml using "include_once" apparently isn't processed by the function that looks for {variables}. For example, the code in header.thtml that says:

Text Formatted Code
<img src="{site-logo}">
 


creates a broken image because instead of parsing "{site-logo}" into "logo.png" or whatever, it just leaves it as "{site-logo}" and looks for a file by that name in the current directory.

So... any ideas on how to fix this shortcoming? If we can't fix it, then it's not a huge deal... the only down side, really, is that it'd be pretty hard to make the footer customizable without losing the "Page generated in Umpteen Seconds" script.

Also... am I creating any security flaws here that I don't realize? I'm not worried about "user betrayal"... none of my users who I authorize to change this are going to do anything screwy. [I know them personally, and they don't even KNOW how to do screwy things. Smile ] But since I'm only moderately familiar with how PHP security works, I want to be sure that I'm not somehow opening up these files to editing by non-registered users.

Love and Healing,

Treesong
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
First of all, when posting HTML or PHP code, use the forum's [ CODE ] button or it will be stripped out (as can be seen - or rather not seen - above).

The {variables} are only processed in the .thtml file itself, not in any code that you add there via PHP. But since you can use PHP, you don't need the variables anyway and can put in anything you want ...

PHP code in the header should follow the usual standards for PHP code, i.e always initialize your variables before using them (so that they can't be overwritten when register_globals is on). As for include_once: Use hard-coded paths or take extra care that any variables you're using in the path are properly initialised and can not be overwritten.

bye, Dirk
 Quote

Status: offline

Treesong

Forum User
Newbie
Registered: 11/21/05
Posts: 9
Thanks for the reply. I've edited the above post so that you can actually see the code now. You also said:

The {variables} are only processed in the .thtml file itself, not in any code that you add there via PHP. But since you can use PHP, you don't need the variables anyway and can put in anything you want


Is there any way to just change which file Geeklog looks at for its header and footer? And if so, would it work for me to tell Geeklog to use a file with a URL along the lines of:

Text Formatted Code
http://mysite.org/path/to/staticpage/index.php?page=header.thtml

 


This way, I could just have Geeklog directly use the static page as the entire header, making the header editable using the admin interface.

I'm not terribly concerned about this shortcoming (i.e. not being able to have variables parsed by thtml), so if it gets really complicated, I'm not going to worry about it. But it would be nice, and might be something that others would find useful too if they also want to have their admins able to edit header and footer without having to log in via FTP.

Love and Healing,

Treesong
 Quote

Status: offline

Dirk

Site Admin
Admin
Registered: 01/12/02
Posts: 13073
Location:Stuttgart, Germany
You can override the default header and footer by providing replacement functions in your theme. Geeklog checks for functions called themename_siteHeader (e.g. professional_siteHeader) and themename_siteFooter and uses those if they exist (instead of COM_siteHeader / COM_siteFooter). That should give you maximum flexibility.

bye, Dirk
 Quote

All times are EST. The time is now 02:11 pm.

  • Normal Topic
  • Sticky Topic
  • Locked Topic
  • New Post
  • Sticky Topic W/ New Post
  • Locked Topic W/ New Post
  •  View Anonymous Posts
  •  Able to post
  •  Filtered HTML Allowed
  •  Censored Content