homepage Welcome to WebmasterWorld Guest from 54.166.116.36
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
Forum Library, Charter, Moderators: coopster & jatar k

PHP Server Side Scripting Forum

    
PHP script needed to insert URL
AlexB77

5+ Year Member



 
Msg#: 4364205 posted 10:48 am on Sep 19, 2011 (gmt 0)

Hey guys,

Can anyone help me with some sort of PHP script to perform the following:

<fb:like href=" [PHP SCRIPT to insert URL of the Page] " send="false" layout="button_count" width="70" show_faces="false" action="like" font="arial"><\/fb:like>


So what I meant was I do have this Facebook like button on every page of my site and would ideally like to insert the URL into href=" " automatically by copying it from "I guess an address bar or elsewhere" and automatically pasting it within that href.

I know that this is somehow achievable, since I have seen it somewhere, but do not know how to do it.

Any help will be much appreciated.

 

rocknbil

WebmasterWorld Senior Member rocknbil us a WebmasterWorld Top Contributor of All Time 5+ Year Member



 
Msg#: 4364205 posted 4:01 pm on Sep 19, 2011 (gmt 0)

Try one of these.

<fb:like href="<?php echo get_permalink( $post->ID ); ?>" send="false" layout="button_count" width="70" show_faces="false" action="like" font="arial"></fb:like>


<fb:like href="<?php echo $_SERVER["SERVER_NAME"]. '/' . $_SERVER["REQUEST_URI"]; ?>" send="false" layout="button_count" width="70" show_faces="false" action="like" font="arial"></fb:like>

That last one might not need the slash

<fb:like href="<?php echo $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"]; ?>" send="false" layout="button_count" width="70" show_faces="false" action="like" font="arial"></fb:like>

Also it is possible this may fail:
<\/fb:like>

You only need to escape if you're echoing within PHP and then only under certain conditions.

</fb:like>

Demaestro

WebmasterWorld Senior Member demaestro us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4364205 posted 4:58 pm on Sep 19, 2011 (gmt 0)

I warn against using $_SERVER["REQUEST_URI"]

It opens you up for XSS attacks

AlexB77

5+ Year Member



 
Msg#: 4364205 posted 5:56 pm on Sep 19, 2011 (gmt 0)

Hey Guys,

First would like to Thank you for your response and now back to my problem.

I have tried to use <?php echo get_permalink( $post->ID ); ?> but since

<fb:like href="<?php echo get_permalink( $post->ID ); ?>" send="false" layout="button_count" width="70" show_faces="false" action="like" font="arial"></fb:like> is within the Javascript (See full code below) it did not work.

<script type="text/javascript">
//<![CDATA[
(function() {
document.write('<div id="fb-root"><\/div><fb:like href="<?php echo get_permalink( $post->ID ); ?>" send="false" layout="button_count" width="70" show_faces="false" action="like" font="arial"><\/fb:like>');
var s = document.createElement('SCRIPT'), s1 = document.getElementsByTagName('SCRIPT')[0];
s.type = 'text/javascript';
s.async = true;
s.src = 'http://connect.facebook.net/en_US/all.js#xfbml=1';
s1.parentNode.insertBefore(s, s1);
})();
//]]>
</script>


What am I doing wrong or should I add something to it. I am not really good with Java sorry!

penders

WebmasterWorld Senior Member penders us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4364205 posted 6:41 pm on Sep 19, 2011 (gmt 0)

I believe get_permalink [codex.wordpress.org] is a WordPress function, so if you are not using WordPress you will need to use one of the other methods mentioned. However, as Demaestro mentions, using REQUEST_URI (and PHP_SELF) without sanitizing first is a possible security issue. If you are using JavaScript (not Java) anyway, you could use location.href - although I think this could be open to the same XSS attack if you are simply writing it out.

Either way, I think you will need to sanitize the URL anyway for the benefit of your FB like button, although I'm not sure how specific it is?

g1smd

WebmasterWorld Senior Member g1smd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4364205 posted 7:11 pm on Sep 19, 2011 (gmt 0)

Do you want to use the exact URL that was requested?

That would be a big problem when a non-canonical URL was used to access the page.

You'll need a further level of processing to return the canonical URL for non-canonical requests.

Demaestro

WebmasterWorld Senior Member demaestro us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4364205 posted 7:39 pm on Sep 19, 2011 (gmt 0)

Alex,

Is the file this .JS lives in a .php file?

If no and it is just a .js file then you will want this:

var url_loc = document.location.href;

document.write('<div id="fb-root"><\/div><fb:like href="' url_loc


If you go this route make sure you do a little work to guard against XSS

AlexB77

5+ Year Member



 
Msg#: 4364205 posted 9:18 pm on Sep 19, 2011 (gmt 0)

The script is within a simple .html file that has only one canonical URL (meaning there is no way it can be link in non-canonical way)
"http://www.mysite.com/my_folder/my_file.html".

Where can I find any info about XSS and how would you recommend using it in order to remain protected?

Thanks guys for your help

g1smd

WebmasterWorld Senior Member g1smd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4364205 posted 9:21 pm on Sep 19, 2011 (gmt 0)

The script is within a simple .html file that has only one canonical URL (meaning there is no way it can be link in non-canonical way)
"http://www.example.com/my_folder/my_file.html".

So all of these don't return that same page?
*
http://www.example.com///my_folder///my_file.html
*
http://www.example.com/my_folder/my_file.html?some-appended-stuff
*
http://example.com/my_folder/my_file.html
AlexB77

5+ Year Member



 
Msg#: 4364205 posted 9:29 pm on Sep 19, 2011 (gmt 0)

No it will redirect to the canonical URL

AlexB77

5+ Year Member



 
Msg#: 4364205 posted 9:32 pm on Sep 19, 2011 (gmt 0)

I use canonical link tag on every page, can the link somehow be copied from this tag and pasted into href

g1smd

WebmasterWorld Senior Member g1smd us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4364205 posted 9:40 pm on Sep 19, 2011 (gmt 0)

If it's stored in some variable, then most likely it can.

AlexB77

5+ Year Member



 
Msg#: 4364205 posted 9:55 pm on Sep 19, 2011 (gmt 0)

<link rel="canonical" href="http://www.example.com/my_folder/my_file.html"> in the meta

penders

WebmasterWorld Senior Member penders us a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month



 
Msg#: 4364205 posted 11:22 pm on Sep 19, 2011 (gmt 0)

If you are generating your canonical tag via a server-side script then you've probably already got a more direct way of accessing it...

The script is within a simple .html file...


May be you're not using any server-side script after all, in which case PHP might not have been much help anyway?

Anyway, to access your link (rel="canonical") element via JavaScript and grab the URL, then place this above your facebook code...

<script type="text/javascript"> 
function getCanonicalUrl() {
var url = '';
var linkElems = document.getElementsByTagName('link');
for (var item=0; item<linkElems.length; item++) {
if (linkElems[item].rel == 'canonical') {
url = linkElems[item].href;
break;
}
}
return url;
}
</script>


And then inside your FB code...
...<fb:like href="' + getCanonicalUrl() + '" send="false"...

AlexB77

5+ Year Member



 
Msg#: 4364205 posted 8:20 am on Sep 20, 2011 (gmt 0)

Thanks penders,

I will give it a shot, lets see if this will do the trick

Thanks

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Code, Content, and Presentation / PHP Server Side Scripting
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved