Hello:
I wouldn't add the ".php" extension into the value passed in the query string. I would concatenate that onto the value after it has been evaluated and verified.
I would do something like this:
1) create an array of acceptable page requests
2) check to see if there is a value passed in the query string using the $_GET super global
3) verify that the page request is valid by checking the value in the string against the values in your array
4) if the request is good, i would then require the page/if not require a default.
<p style="border:solid 1px #bbb; padding:10px;">
<a href="?temp_view=default">index</a> :
<a href="?temp_view=products">products</a> :
<a href="?temp_view=register">register</a> :
<a href="?temp_view=about">about</a> :
<a href="?temp_view=contact">contact</a> :
</p>
<?php
// make a list of acceptable page requests:
$pages = array('default','register','about','contact','products');
// get value from q-string:
if(isset($_GET['temp_view'])){
$page = $_GET['temp_view'];
}
// if no value in q-string
// create a default
else {
$page = 'default';
}
// check page request with array
if(in_array($page, $pages) && $page != 'default'){
require($page . '.php');
}
// else require a default page
else {
require('sitepages/index.php');
}
?>
