Add language path into browser address bar - javascript

I'm looking for information about adding extra information into browser address bar. for example language path.
So what type of code should I look for if I wanna change browser address from mysite.com/index.php to mysite.com/EN/index.php
but at the same time, I don't have to make an extra folder for each language file what I add for the website.

It depends on which web server is hosting the application. If apache, a way to get this is using AliasMatch directive. See https://httpd.apache.org/docs/2.4/mod/mod_alias.html#aliasmatch. This applies to httpd.conf (global apache configuration file) or .htaccess (local apache configuration file) and requires mod_alias.
Example:
AliasMatch "^/(EN|FR|PT)/(.*)" "/local/path/$2"
will accept /EN/... /FR/... and /PT/... .
or
AliasMatch "^/([A-Z]{2})/(.*)" "/local/path/$2"
will accept any two upper case letters as prefix.
After getting this working, in order to determine which language to show, you should check $_SERVER[‘REQUEST_URI’] variable in your PHP script.

Just go to the public folder in the hosting and create a new folder in it named EN and copy index.php to the folder EN and try the path mysite.com/EN/index.php .It should work.

You will probably need to handle this on the server side. When a request is made to mysite.com/EN/index.php, the server checks the request URL for the language part EN and serves a webpage with the corresponding language from wherever it resides in the file structure.

Related

Confusion regarding Apache document root

In one of the applications that I am working on for my company, I came across a weird behaviour or maybe it's just my misunderstanding and I hope I can get some clarification.
The application is served by Apache and the root is : /company/client. For every page that I visit, for example https://11.11.11.11/index.phtml, it will actually point to the file in the server /company/client/index.phtml and so on. In one of the modules of the application, it contains a move_uploaded_file php function, and the target directory is /images/example/, when the page is run, the app is trying to go to the absolute server root /images/example/ instead of /company/client/images/example/.
Also the a new windowed opened up by window.open has an img tag having src='/images/exmaple/', this points to the server root instead of /company/client/images/example/, is this expected?
Am I missing anything, or is it something to do with Apache configuration?
Additional info:
The application is served as a virtual host in conf file, with DocumentRoot "/company/client/".
The page that is executing window.open and php function is used as an Iframe inside /company/client/index.phtml
sorry for my mistake.
Thanks for the help from the everyone especially Chris G, the problem was that the code is using a GET variable incorrectly, as a result the image name isn't passed. And I got confused because someone made a mistake in the code by moving image relative to the root folder which is incorrect. That made me think that PHP is also treating path like the client side which is a mistake. I'm guessing I can conclude that the web server document root only applies to everything client side, like the url, JS, HTML?

How can I find the current html filepage name using Javascript, on a LIVE-SERVER

I am going to deploy this page on an FTP
And I need to find out how I can detect the html file currently being viewed using JavaScript.
If I open the html file, it works just fine with this:
var fileName = location.href.substring(location.href.lastIndexOf("/") +1);
But, if I open it via my localhost adress, it has a null value. So I'm guessing I have to use some other method to extract the current html file name. Or is there a better approach to this?
Note: I am not going to use JQuery or anything like that.
EDIT:
I can get the filename if it isn't my index file.. If it's the index file I get nothing using the above code. Most likely since all I have in my adress bar is the localhost adress of the live-server?
The web deals in URLs, not file names.
Sometimes a URL will include something that looks like a file name, and sometimes that even maps on to a real file name on the server's hard disk.
When you type http://example.com/ then it might map that onto a file called index.html. Or maybe on to index.php. Or maybe it won't touch any file but will just use logic built into the web server application to determine what to respond with.
There's no way to know in the general case.
If your specific case, you know that the path / maps onto index.html, so you can write an explicit mapping in your JavaScript code.

web security: What happens when Content-Disposition is not supplied?

I am allowing users to download files from my application. For that I am explicitly setting "Content-Disposition" as "inline" or "attachment" based on the type of file. This is kinda manual right now. So, for pdf files i set it to "inline" but for html files I set it to "attachment".
Is there a way to automatically decide the value of "Content-Disposition" in express based on file type ?
If I do not send a "Content-Disposition" header, it seems to me currently that the request is treated like it has "Content-Disposition: inline" . Is this observation correct, or is there something more to it?
If by default browser tries to execute/preview the files (based on point 2), what does it mean for security when you allow downloading html files which can execute javascript?
Is there a way to automatically decide the value of "Content-Disposition" in express based on file type ?
You could write middleware that inspects the response and modifies it.
If I do not send a "Content-Disposition" header, it seems to me currently that the request is treated like it has "Content-Disposition: inline" . Is this observation correct, or is there something more to it?
See MDN which says: "The first parameter in the HTTP context is either inline (default value, indicating it can be displayed inside the Web page, or as the Web page)…"
If by default browser tries to execute/preview the files (based on point 2), what does it mean for security when you allow downloading html files which can execute javascript?
Not a lot unless you are serving up JavaScript that you (the website author) do not trust.
If you need to serve HTML documents which might contain JavaScript you don't trust then serve them from a different origin (to use the Same Origin Policy to sandbox them) and/or implement a Content Security Policy to ban them from executing JavaScript.

How to add custom password reset template for Parse app hosted on Parse?

I have a web application that I am hosting on Parse with a subdomain "appname".parseapp.com url (The quotes are not actually there, and that's not the actual link to my app). Supposedly, I am able to use my own templates for things like the password reset form, however, I haven't had any success. I downloaded the template, modified it, and put it in my public directory then deployed it. I set the Parse Frame URL to the "appname".parseapp.com/user_management.html like it says after also putting the user_management.html file in my public directory, then I set the directory of password reset file in the Customize User-Facing Pages section as choose_password.html since it is right in the public directory. The link sent to the email that attempts to reset the password somehow keeps being wrong and gives me a 404. I'll get a link like this: "appname".parseapp.com/user_management.html?link=%2Fapps%2Fschool-project%2Frequest_password_reset&token=TvIoEhOD8ZsWAP414jBCbY3OI&username=testuser
Any Idea why this isn't working correctly?
Figured out my mistake. I was supposed to include the entire link for the template not just the directory after the domain. e.g. "appname".parseapp.com/choose_password.html rather than just /choose_password.html

How do I link JS external files outside of my PHP project root directory?

On my site I have my resources folder outside of the root, for example:
/var/www/html/ is the root directory
/var/www/resources/
I currently have a config file that sets the location of the library so I can include it with php like so:
defined("LIBRARY_PATH")
or
define("LIBRARY_PATH", realpath(dirname(__FILE__) . '/library'));
which works perfectly when I use:
<?php include_once(LIBRARY_PATH . "/file.php"); ?>
but it doesn't work when trying to add Javascript files:
e.g.
<script src="../resources/library/js/test.js"></script>
links to 'www.website.com/resources/library/js/common.js'
or
<script src="<?php echo LIBRARY_PATH; ?>/js/test.js"></script>
links to 'www.website.com/var/www/resources/library/js/test.js'
neither of which work.
Any suggestions on how I can do this without having the js files in or above the root?
Your JavaScript files have to be accessible to the browser because they are executed by the browser and not by the server.
This requires that they have a URL.
Putting the files under the webroot is the standard way to give a static file a URL.
Alternatively, you could write a program (e.g. in PHP) that will read the file and then output it's content to the browser. This is more complicated and makes dealing with cache control headers more fiddly and is not recommended.
Assuming you understand what you're doing and security implications of that!..
You create the linkjs.php script that takes the relative path to the script (from some root dir, perhaps /var/www/resource/js) as a parameter, like:
<script src="/linkjs.php?p=test.js">
In your PHP script you resolve the full file path, check that it's indeed a file under the root dir (to protect against ../ in the parameter), that it's readable by you PHP user, read the content and output it into the response. Don't forget to set content type to text/javascript of course.
Ideally, you should also provide proper caching headers based on the source file modification time, but that is a topic in itself. See the guidelines in other SO questions about proper caching headers for dynamic content.
The upside is that you can do on-the-fly script minification/combining/wrapping/substitutions if you like/need.

Categories