Sibkis Posted August 1, 2011 Share Posted August 1, 2011 Gidday I am not quite sure what this is call but I have built a template using php and youtube I haveused includes to call the content <?php include_once "info.php";?> <?php include_once "menu.php";?> etc what I would like to do is if a user select a product or service only that information is shown.service designarchitectengineeringif a user select design than the design <?php include_once "designinfo.php";?> is diplayed.I think it's an elseif statement. Link to comment Share on other sites More sharing options...
nielcleo Posted August 1, 2011 Share Posted August 1, 2011 Gidday I am not quite sure what this is call but I have built a template using php and youtube I haveused includes to call the content <?php include_once "info.php";?> <?php include_once "menu.php";?> etc what I would like to do is if a user select a product or service only that information is shown.service designarchitectengineeringif a user select design than the design <?php include_once "designinfo.php";?> is diplayed.I think it's an elseif statement.try this one sir i thinks this is the code you've been searchingindex.php<a href="index.php">Home</a><br><a href="index.php?page=second">2nd Page</a><br><a href="index.php?page=another">Another Page</a><?phpif(isset($_GET['page'])){include($_GET['page'].'.php');}else{?><h1>HOME</h1><p>HOME CONTENT</p><?php}?> second.php (this is for the second page) <h1>Second Page</h1>Second Page content Test test test test test test :) Link to comment Share on other sites More sharing options...
Sibkis Posted August 1, 2011 Author Share Posted August 1, 2011 Thanks for the replyI have sorted it out now.What are you like on Dynamic Meta Tags and titles etc?Kind Regards Link to comment Share on other sites More sharing options...
jeffman Posted August 1, 2011 Share Posted August 1, 2011 include($_GET['page'].'.php'); PLEASE do not try this. Any half-intelligent child who figures out what you're doing can set up a very simple brute-force attack system that will attempt to execute files all over your server, including files that should only be executed in special circumstances. Files that you have deliberately hidden from normal HTTP access will also be exposed. Link to comment Share on other sites More sharing options...
nielcleo Posted August 2, 2011 Share Posted August 2, 2011 PLEASE do not try this. Any half-intelligent child who figures out what you're doing can set up a very simple brute-force attack system that will attempt to execute files all over your server, including files that should only be executed in special circumstances. Files that you have deliberately hidden from normal HTTP access will also be exposed.can you give us alternate for that sir? or its fine to navigate all the pages in one php file? Link to comment Share on other sites More sharing options...
samgenius Posted August 2, 2011 Share Posted August 2, 2011 can you give us alternate for that sir? or its fine to navigate all the pages in one php file?Use Switch Case Statementexample<?php <a href="?p=page1">page1</a> | <a href="?p=page2">page2</a> | <a href="?p=page3">page3</a>$x=isset($_GET['p'])?$_GET['p']:"";switch($x){ case"page1":include("page1.php");break; case"page2":include("page2.php");break; case"page3":include("page3.php");break; default:echo"Nopage is selected Yet";}?> Hope This Will Help You Link to comment Share on other sites More sharing options...
Sibkis Posted August 2, 2011 Author Share Posted August 2, 2011 Is there a version that can be used with over 500 pages?Or I think I might have to invest in a CMS pyro or EE maybe Link to comment Share on other sites More sharing options...
nielcleo Posted August 3, 2011 Share Posted August 3, 2011 Use Switch Case Statementexample<?php <a href="?p=page1">page1</a> | <a href="?p=page2">page2</a> | <a href="?p=page3">page3</a>$x=isset($_GET['p'])?$_GET['p']:"";switch($x){ case"page1":include("page1.php");break; case"page2":include("page2.php");break; case"page3":include("page3.php");break; default:echo"Nopage is selected Yet";}?> Hope This Will Help You i think it will be the same as i posted mine? can it be safe? Link to comment Share on other sites More sharing options...
thescientist Posted August 3, 2011 Share Posted August 3, 2011 i think it will be the same as i posted mine? can it be safe?no. in your example you were literally using the value of the p member in the $_GET array as the page to include. In the example given to you, a switch statement is created to make a map of possible $_GET values to pages to include. The value itself is not being used, only to make an association. That is the (big) difference. Link to comment Share on other sites More sharing options...
nielcleo Posted August 3, 2011 Share Posted August 3, 2011 no. in your example you were literally using the value of the p member in the $_GET array as the page to include. In the example given to you, a switch statement is created to make a map of possible $_GET values to pages to include. The value itself is not being used, only to make an association. That is the (big) difference.i think it is possible in if else statement? which one will be safest to use? it is still the switch? Link to comment Share on other sites More sharing options...
thescientist Posted August 3, 2011 Share Posted August 3, 2011 there's really no difference. What I was trying to explain to you was the difference between using the value directly vs. making a mapping. The security concern was that you were using a user inputted value $_GET['p'] to call your page directly. Link to comment Share on other sites More sharing options...
nielcleo Posted August 4, 2011 Share Posted August 4, 2011 there's really no difference. What I was trying to explain to you was the difference between using the value directly vs. making a mapping. The security concern was that you were using a user inputted value $_GET['p'] to call your page directly.can you suggest sir which better code for navigating the pages?or can you take a look how they navigate this page..demo blog Link to comment Share on other sites More sharing options...
birbal Posted August 4, 2011 Share Posted August 4, 2011 like thescintist said..Using the switch case is more secure. if you look into switch case strcuture it is restriciting the include. it will include only it matches.suppose user pass somepage.php?p='/webroot/someRestrictedFile.php'include($_GET['p']);so it will let the script include that restricted file which is not supposed to be included. where sswitch case wont let it be included it will just throw you to the default block. switch case is basicly is filtering the user input. all external input should be filtered. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.