Simple PHP Navigation
Started by
Squid
, Nov 05 2005 03:56 PM
28 replies to this topic
#21
Posted 30 April 2006 - 02:44 PM
You don't need to add a case statement in the post I linked to
Thanks
Thanks
#22
Posted 02 May 2006 - 07:11 PM
NP ^-^
#23
Posted 03 May 2006 - 05:32 PM
I would just go like this
if(isset($_GET['id])) { $requestlct = $_GET['id']; } else { $requestlct = 'idx'; } $requestlct = str_replace("+", "/", $requestlct); if (file_exists("source/$requestlct.php")) { include("source/$requestlct.php"); } else { include('source/errors/404.php'); }
Edited by Koncept, 04 May 2006 - 04:41 PM.
#24
Posted 05 May 2006 - 11:59 AM
Not sure what you are saying thereNP ^-^
Do you know what advantages one has over the other, or does anybody else know?
What are the advantages of using this code compared to the others posted?I would just go like this
if(isset($_GET['id])) { $requestlct = $_GET['id']; } else { $requestlct = 'idx'; } $requestlct = str_replace("+", "/", $requestlct); if (file_exists("source/$requestlct.php")) { include("source/$requestlct.php"); } else { include('source/errors/404.php'); }
#25
Posted 06 May 2006 - 12:52 PM
In this code
This part
} else {$requestlct = 'idx'; That is the default file it will get if nothing is specified. To make the idx work you must have a file in the source folder with the name idx.php so the path to your idx file would be "source/idx.php"
This part
Hope that helps. Thats a great way to do the navigation although ALL your files must have the .php extention to work.
if(isset($_GET['id])) { $requestlct = $_GET['id']; } else { $requestlct = 'idx'; } $requestlct = str_replace("+", "/", $requestlct); if (file_exists("source/$requestlct.php")) { include("source/$requestlct.php"); } else { include('source/errors/404.php'); }
This part
if(isset($_GET['id])) { $requestlct = $_GET['id']; } else { $requestlct = 'idx'; }Calls the id the first part of that $requestlct = $_GET['id']; gets the file name that you put in the link. The else statment
} else {$requestlct = 'idx'; That is the default file it will get if nothing is specified. To make the idx work you must have a file in the source folder with the name idx.php so the path to your idx file would be "source/idx.php"
This part
$requestlct = str_replace("+", "/", $requestlct); if (file_exists("source/$requestlct.php")) { include("source/$requestlct.php"); } else { include('source/errors/404.php');Checks to see if the file exist and if it does it sends you to "source/$requestlct.php" where $requestlct.php is the page name. like if your link was index.php?id=news the $requestlct.php would turn into news.php. If the file you specifed doesnt exist you are sent to the 404.php page which is your error page.
Hope that helps. Thats a great way to do the navigation although ALL your files must have the .php extention to work.
#26
Posted 08 May 2006 - 03:37 PM
Thanks for the explanation mbx5nitro My query however is that code better than the code that was posted earlier in the topic?
Livemans code but shorter
<?php $id = $_GET['id']; (!$id || !file_exists("$id.php")) ? include 'news.php' : include "$id.php"; ?>
A quick explanation on what livemans code does to those who dont know:
Basically it checks if the variable id is empty or if a php file exists with that id, if either condition is true it includes news.php else it includes the requested file
I would recommend the case method as its securer
#27
Posted 08 May 2006 - 07:41 PM
Im not sure i dont understand the security aspect enough to say i would say the code i explained is better but i dont know. maybe someone else can say more.
#28
Posted 21 May 2006 - 05:58 AM
man that tut helped me alote thanks
#29
Posted 30 May 2006 - 03:04 PM
just make sure you dont have any secret files cause someone might use
?id=../../secrets/ftppasswords.ext
You would be correct, assuming he was doing something like include $_GET['id'].".php";
which i think is bad coding all together without some sort of checking of the user input. I think I've read it hear before as well as elsewhere, but as you code, you should never trust user input. Even by accident, someone can find a vulnerability.
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users