Creating PHP Splash Pages

Program owners take note! If you’ve ever wanted to turn a splash page into a splash page your users can use, you’ll want to bookmark this page. It’s very simple but if you don’t know how to do it, where do you start?

1. Create the Splash Page in normal, dull, HTML

This is the easy part. Get a splash page made, make it yourself, whatever. Just have it in the normal HTML mode, and use your own referral link in all the links. Below is an example link:

http://www.startxchange.com/?referer=xxclixxx

2. Change the links

Next you need to open your html file with notepad. Only use notepad, unless you know the program is a PHP editor. Then find your userid or username from your link. In the example above, it’s xxclixxx. Search the html file and replace your username with:

<?php=$userid?>

The URL above now becomes what’s shown below. It’s important to make sure all links on the splash page are using referral links, and all links have been replaced with this code. Otherwise you’ll get angry affiliates thinking you are cheating them out of their referrals.

http://www.startxchange.com/?referer=<?php=$userid?>

3. Add this header

Simply put, add the following to the top of the page BEFORE the <html> tag. Ok, so it’s not crucial to be above that tag, but to keep things smooth and simple, put it before any other code.

<?php
$userid = ereg_replace("[\'\")(;|`,<>]", "",$_GET["userid"]);
?>

This is important for two reasons. You don’t have to have register globals turned on, and you don’t have to worry about XSS attacks. It cleans the user id for anything harmful, before letting you put it into the page.

4. Rename the file

Last, you’ll just rename that .html file to .php, and upload it to your website. Say you name it splash3.php, then your users would link to it as such:

http://www.yoursite.com/splash3.php?userid=xxclixxx

It’ll magically change all the links to have the ID in the userid field. Pretty sweet!

5. Bonus: Changing the variable name!

If you want it to be ?referer= rather than ?userid= all you have to do is change the header section. Where it says $_GET["userid"] change that text inside the quotes to something else. It could be anything. Just make sure you don’t change anything else, and keep the quotes!

Preventing XSS Exploits

If you don’t know what XSS is, and you are a web developer. Well, it’s time to wake up. XSS or Cross Site Scripting is basically injecting code onto someone else’s website. By doing it, you can do all sorts of nasty stuff.

The good thing is, it’s pretty simple to prevent this in PHP:

$string = ereg_replace("[\'\")(;|`,<>]", "", $string);

This piece of code will take out the characters needed to do the XSS exploits. There are also some in there that are useful to clean user input before say adding a string to a database query. It’s necessary to clean EVERY variable inputted by the end user, even ones you don’t put into a database or output to the user. Some time down the road you might use it, and not realize you forgot to clean it first.

Connection: closed & PHP fsockopen

Wow. It’s incredible the difference two words will make: “Connection: closed” with a PHP command fsockopen changed the website scanner’s speed dramatically. I won’t go into the details, I found them here. But the key thing is for me to post about it so later when I forget about it I can find it again on my blog. That’s what a blog is for afterall, right? =P

Displaying Random Links

This tutorial goes out to Andre who wanted to use the URL Rotator for something similar but different. In this tutorial I am going to assume that you already have a database table “textlinks” set up with at least the following fields: title, url

The Code

<?
$global_dbh = mysql_connect("localhost","dbusername","dbpassword");
mysql_select_db("dbname", $global_dbh);

$query = "SELECT `title`, `url` FROM `textlinks` ORDER BY RAND() LIMIT 10";
$result = mysql_query($query, $global_dbh);
$cnt = mysql_num_rows($result);

for ($i=0; $i<$cnt; $i++) {
$row = mysql_fetch_row($result);
echo "<a href='$row[1]' target='_blank'>$row[0]<br />";
}
?>

This is fairly simple, however it is put in the “Advanced” section of the tutorials as the “Basic” will be just syntax and the very basics.

The first paragraph we connect to the database. Remember to change dbusername, dbpassword, and dbname to your username, password, and database name.

The second paragraph is the key MySQL command. ORDER BY RAND() tells it to randomly pick them. LIMIT 10 tells it to limit the results to 10 rows.

The third paragraph just goes through all the rows, and outputs the links. If you prefer to use $row[“title”] and $row[“url”] change mysql_fetch_row to mysql_fetch_array.

So there you have it! Any questions?

Random things with PHP

Especially when it comes to advertising, random things can be quite usefull. Random ads, sites, etc, can all be done with PHP very easily.

Step 1: Build an Array
You’ll first need an array of whatever will be random. If you are doing images, then the URLs to all the images. If you are doing banners then you’d need to do the full link and image code. In this example I’m going to make a random image script.

$randomarray = array("image1.jpg","image3.jpg","cat.gif","freddy.png");

Step 2: Output the Random Pick
Next is the core of it. I’ll put the code down, and then explain it in depth for those who need more explaination. You can of course just play with the code (the best way to learn).

$img = $randomarray[mt_rand(0, count($randomarray)-1)];
Header("Location: $img");

Explaination:

$max = count($randomarray) - 1;
$randnumber = mt_rand(0, $max);
$img = $randomarray[$randnumber];

Because looking at the one liner can be confusing, I’ve broken it down into 3 lines so you can understand it. The gist of it is this:

Line 1: Get the maximum value you want the random number to be. In this case, it is the number of items in the array minus one. That is because PHP counts 0, 1, 2, 3 not 1 2 3 4 like we do. There are 4 items in the array, but if you had a random number between 0 and 4 picked, then $randomarray[4] would return nothing.

Line 2: This is the core of it, mt_rand takes two arguements: $min, $max. Just give it the minimum and maximum numbers to pick between.

Line 3: This just assigns the chosen image to $img for easier inserting into the Header() statement.

Getting your PHP Info

One of the first things you should learn how to do with PHP, is getting all the info about your PHP installation.

Sometimes you’ll see a script that says it requires a certain setting to be one way. If you don’t know, you could be purchasing something you can’t use.

It is as simple as making a script, and naming it something like phpinfo.php – I’d recommend naming it something else, so people can’t run it themselves. The less one knows about your setup, the harder it is to be mischeaveous.

<?php
phpinfo();
?>

It’s that simple. You’ll then get a full page of information about your PHP Installation.