Include and index.php/?contact

[unknowngiver]

hey
I am working on a site and i want to use includes statements to make it easy for the pplz who will manage tht site later on [i m doing it for someone else]

now i dont want to make 100 pages with includes statements of 100 files tht need to be included
so i need a dynamic way of doing this

this is wt i am trying to do

I want to put all the include statements in the index page [for that part of the code] and i want it to make it true when the statement comes true
for example something like

if site url has "index.php/?contact"
include('contact.txt');

elseif site url has "index.php/?about us"
include('about-us.txt');

and so on....

and then when making the navigation bar i can just type in "index.php/?contact" etc...


Thanks

 

[Eric]

<?php

//<a href="?page=contact">Contact</a>

$page = trim(strip_tags($_GET['page']));

if(file_exists($page.'.php'))
{
  include($page.'.php');
}
else
{
  include('default.php');
}
?>

 

[unknowngiver]

can i use the elseif command later on?
and SV ur a GENIUS!!! u deserve to kick billgates ass lol

 

[Eric]

No need. Just make sure the page you're passing it exists. I.E: if you do ?page=about, it will try to find about.php, if it exists, it is included. If not, shows the default page..such as the main index.

 

[unknowngiver]

o can i make it so it looks for about.txt instead of about.php and it looks for that in the "includes" folder?

 

[Eric]

  <?php

//<a href="?page=contact">Contact</a>

$page = trim(strip_tags($_GET['page']));

if(file_exists('includes/'.$page.'.txt'))
{
  include('includes/'.$page.'.txt');
}
else
{
  include('includes/default.txt');
}
?>

 

[unknowngiver]

greattttttttttt u rockkkk
but dont wrry i will be back soon with more questions lol
anyway Namepros is so mean

We're glad that you're fond of this member, but please give some rep points to some other members before giving it to SecondVersion again.

lol

 

[nasaboy007]

hey secondversion, question for you:

u trim and strip_tags the GET variable. is that to ensure that ppl cant put www.abc.com?page=http://www.virus.com/killawebsite.php as the link and run malicious codes? or is there another reason?

bcuz all the posts/articles i read on this include method, everyone always brought up the point that ppl cud run malicious codes like that and u use use a switch block instead.

 

[yeppers]

hey secondversion, question for you:

u trim and strip_tags the GET variable. is that to ensure that ppl cant put www.abc.com?page=http://www.virus.com/killawebsite.php as the link and run malicious codes? or is there another reason?

bcuz all the posts/articles i read on this include method, everyone always brought up the point that ppl cud run malicious codes like that and u use use a switch block instead.

Hey nasaboy, I might be able to answer that one for you .

The include function in the later default settings of php do not allow the website to include pages from other websites for that very reason!.

The 'strip_tags' function simply edits out any tags from the $page function that may have been included in the URL (someone could be trying to parse php code through the URL). So strip_tags will remove any '<?php' or '<?' etc from the variable.

Hope that helps,
Rhett.

 

[CreedFeed]

Yes, the strip_tags and trim functions can help ensure you don't have someone trying to run malicious code via your include functions. You can use a switch block instead and it'll basically be the same as what SecondVersion posted. In SecondVersion's code, he has a "file_exists()" call to ensure the file actually exists on your server in your includes folder before actually including it. This helps protect from malicious code as well, unless someone hacks into your account and places a file in your include folder.

 

[nasaboy007]

ah ok i get it thanks guys.

This helps protect from malicious code as well, unless someone hacks into your account and places a file in your include folder.

if they hack ur account, wut wud be the point of running malicious code? XD

 

[Eric]

Thanks Billy and Creed for explaining