unknowngiver

hey
I am working on a site and i want to use includes statements to make it easy for the pplz who will manage tht site later on [i m doing it for someone else]

now i dont want to make 100 pages with includes statements of 100 files tht need to be included
so i need a dynamic way of doing this

this is wt i am trying to do

I want to put all the include statements in the index page [for that part of the code] and i want it to make it true when the statement comes true
for example something like

if site url has "index.php/?contact"
include('contact.txt');

elseif site url has "index.php/?about us"
include('about-us.txt');

and so on....

and then when making the navigation bar i can just type in "index.php/?contact" etc...


Thanks

Please register or log-in into NamePros to hide ads

SecondVersion

__________________

unknowngiver

can i use the elseif command later on?
and SV ur a GENIUS!!! u deserve to kick billgates ass lol

SecondVersion

No need. Just make sure the page you're passing it exists. I.E: if you do ?page=about, it will try to find about.php, if it exists, it is included. If not, shows the default page..such as the main index.

__________________

unknowngiver

o can i make it so it looks for about.txt instead of about.php and it looks for that in the "includes" folder?

SecondVersion

__________________

unknowngiver

greattttttttttt u rockkkk
but dont wrry i will be back soon with more questions lol
anyway Namepros is so mean

Quote:

We're glad that you're fond of this member, but please give some rep points to some other members before giving it to SecondVersion again.

lol

nasaboy007

hey secondversion, question for you:

u trim and strip_tags the GET variable. is that to ensure that ppl cant put http://www.abc.com?page=http://www....illawebsite.php as the link and run malicious codes? or is there another reason?

bcuz all the posts/articles i read on this include method, everyone always brought up the point that ppl cud run malicious codes like that and u use use a switch block instead.

__________________

BillyConnite

Originally Posted by nasaboy007

hey secondversion, question for you: u trim and strip_tags the GET variable. is that to ensure that ppl cant put http://www.abc.com?page=http://www....illawebsite.php as the link and run malicious codes? or is there another reason? bcuz all the posts/articles i read on this include method, everyone always brought up the point that ppl cud run malicious codes like that and u use use a switch block instead.

Hey nasaboy, I might be able to answer that one for you .

The include function in the later default settings of php do not allow the website to include pages from other websites for that very reason!.

The 'strip_tags' function simply edits out any tags from the $page function that may have been included in the URL (someone could be trying to parse php code through the URL). So strip_tags will remove any '<?php' or '<?' etc from the variable.

Hope that helps,
Rhett.

__________________
<?php if(1===1){ $computer="fine."; }else{ $computer="broken."; } echo "Your computer is ".$computer; ?>

CreedFeed

Yes, the strip_tags and trim functions can help ensure you don't have someone trying to run malicious code via your include functions. You can use a switch block instead and it'll basically be the same as what SecondVersion posted. In SecondVersion's code, he has a "file_exists()" call to ensure the file actually exists on your server in your includes folder before actually including it. This helps protect from malicious code as well, unless someone hacks into your account and places a file in your include folder.

__________________

nasaboy007

ah ok i get it thanks guys.

Quote:

This helps protect from malicious code as well, unless someone hacks into your account and places a file in your include folder.

if they hack ur account, wut wud be the point of running malicious code? XD

__________________