Two "flavors" of the same website? (ie. different domain names pointing to same site)

Joseph_Sliker

Hi; Again, this probably a very basic question, but...well, that's me.

Suppose I own two (or more) domain names such as "esharp.com" and "fflat.com", which are both associated with the very same server.

The sites are intended to be functionally identical, but if the user is attempting to connect to "esharp.com" we want the site to be styled slightly differently (different logos, different color scheme, superficial stuff like that) than the visitor of "fflat.com" would see. Is there a way to associate, say a custom .css file and/or set of default images with "index.php" depending upon which site the user intends to visit?

Joseph_Sliker

Okay...I think I have figured out something I could do...but if anyone thinks this is potentially stupid/dangerous, I'd appreciate the input.

<?php
$_server_server_name=ltrim($_SERVER["SERVER_NAME"], "www."); //or should I use ["HTTP_HOST"]?;

if($_server_server_name=="esharp.com") {
$logoimage="esharp.png"; 
$usethis_css="esharp.css";   

} else {
$logoimage="fflat.png";     

$usethis_css="fflat.css";  

}

echo "
<head>
<link rel=\"stylesheet\" type=\"text/css\" href=\"$usethis_css\" />
</head>
<body>
<img src=\"logos/$logoimage\">
</body>
</html>";
?>

sneakyimp

Your basic approach looks sound to me. It's good to have a default in the event that the domain just happens to be something other than one of those two options (e.g., localhost or an ip address).

As for which to use, I don't really know which is better. It's helpful to checkout out what these constants mean:

'HTTP_HOST'
    Contents of the Host: header from the current request, if there is one. 
'SERVER_NAME'
    The name of the server host under which the current script is executing. If the script is running on a virtual host, this will be the value defined for that virtual host.

This doesn't look especially informative to me.

You should try and keep in mind that these values might be manipulated by malicious users. Your code above does not look especially vulnerable to malicious manipulation.