Reputation: 79
The best way to generate a PHP page?
I recently started working on an image board like website, i stumbled upon needing to generate a random PHP page when the button "create thread" is clicked, i tried googling how to do so but unfortunately didn't find a any clue so i tried to improvise a little bit and come up with my own solution, the only solution i found is this :
<?php
$randomizer = rand(0,30000)*rand(123456,2323232);
$file = fopen("$randomizer.php",'w');
$username = $_POST['user'];
$threadContent = $_POST['content'];
$phpString = " <!DOCTYPE html>
<html>
<head>
<title>Main page</title>
fwrite($file, $phpString);
header("location: $randomizer.php");
$phpString basically contains the whole HTML and PHP of the page i would like to generate so i can't really include it all here it's really long. This approach works how it normally would, so i'm just wondering whether there is a better way to do it.
Upvotes: 0
Views: 393
Answers (2)
Reputation: 1333
As said in the comments, this is not a good idea for many reasons. I'll show some of them and in the end a little Proof of Concept about one way to do it properly and Frameworks that can help. If you still want to do it in this way, check this awnser.
Maintenence by the server owner
Creating one file per "thread" can make things really hard to be changed. If you have some error on thread creator code (or even want to change some visual, brand, add a new feature, etc) you would have to change every already generated file.
Security
One security flaw would be multiplied to N files, making a huge headache. In your example, if you write threadContent without escaping, it will lead to XSS that should be searched and fixed on every already generated file.
Administration by users
To edit typos, or any other thing that the user that generates the file wants, he would have to have access to edit files on your server, or you would have to create a script to change directly the file contents, which is bad.
Search engine
Imagine how difficult would be to create a search engine on your site to find some thread by title, content, etc on all files.
Fun fact
If the StackOverflow site uses this method and each question file has ~10kb, it would have ~206GB only in question files to manage. You can see how many questions StackOverflow has here.
How it should be done?
There are many ways to do it, I'll show one very simple to explain and some frameworks that can help you.
The data can be stored on your database, like:
| id | user_id | title | content |
|---|---|---|---|
| 1 | 1 | Example | Lorem Ipsum ... |
And then create one file that works as a template to serve all your user-generated threads:
thread-template.php
<!DOCTYPE html>
<html>
<head>
<title><?php echo htmlspecialchars($post['title'], ENT_QUOTES, 'UTF-8'); ?></title>
</head>
<body>
<?php echo htmlspecialchars($post['content'], ENT_QUOTES, 'UTF-8'); ?>
</body>
</html>
Before rendering the template, you need to fetch the data from the database:
$stmt = $pdo->query("SELECT * FROM posts WHERE id = 1");
$post = $stmt->fetch();
require("thread-template.php");
Frameworks
Many frameworks can help you to do it easily, using the MVC method.
Model
The central component of the pattern. It is the application's dynamic data structure, independent of the user interface. It directly manages the data, logic and rules of the application.
View
Any representation of information such as a chart, diagram or table. Multiple views of the same information are possible, such as a bar chart for management and a tabular view for accountants.
Controller
Accepts input and converts it to commands for the model or view.
Upvotes: 5
Reputation: 7225
As others have said in the comments, this is definitely not the best way to serve HTML with a PHP server. However, if you really want to serve HTML by making a file in PHP and then serving it, you can use include() to point the file you made.
<?php
$randomizer = rand(0,30000)*rand(123456,2323232);
$file_path = "/tmp/"."$randomizer.php";
$file = fopen($file_path,'w');
$username = $_POST['user'];
$threadContent = $_POST['content'];
$phpString = " <!DOCTYPE html>
<html>
<head>
<title>Main page</title>
</head>
<body>Wrote ".$randomizer."
</body>
</html>";
fwrite($file, $phpString);
include($file_path);
?>
Upvotes: 2
Related Questions
- How to create a page in WordPress with PHP and without using an admin panel or creating an HTML file?
- How to generate a HTML page dynamically using PHP?
- Generating an HTML File [PHP]
- How to generate Self Created pages dynamically?
- Create an HTML file wih PHP?
- Creating an HTML page from PHP
- create html page from php
- Best method for generating html content to a single web page
- method for creating PHP templates (ie html with variables)?
- Whats the best way to create templates using php?