include-var : Unsafe use of variable in call include()/require()

Flybersite

I don't know if this is the right thread but I'm using Zend Studio and this warning doesn't make any sense to me. Maybe one of you know?

the warning is: include-var : Unsafe use of variable in call include()/require()

Thank you in advance

NogDog

It might help to show us the code referred to by the error message.

Flybersite

NogDog;10881397 wrote:
It might help to show us the code referred to by the error message.

<?php
	if(file_exists($display.'.html'))
	{
		require_once($display.'.html'); // the line it indicates
	}

else 
{
	print('The content could not be displayed');
}
?>

NogDog

Must be a Zend Studio thing, as I cannot get it to display an error even with error_reporting set to E_ALL | E_STRICT. Presumably it's alerting you to be sure that no unsafe external data can possibly make its way into the $display variable, as it might then be possible to cause the application to include malicious code.