PHP include page script

stinkmitt

'm new to this forum, but I have a feeling it's going to be my 2nd home lol.

I'm having trouble with this PHP include script I'm using

<?php
if($page) include("$page.php");
else include("main.php");
?>

The script includes the "main.php" file fine, but when I link other pages as ?page=pagename.php, they don't even link, let alone target the area where the script is.

My website is at http://www.digitalgold.org

I am trying to target the links on the left hand side to the middle area.
Any help would be greatly appreciated. Thanks.

mac_php

First off be sure to use the [ php ] [/php ] brackets, to make your code tighty.

Secondly, your method isn't secure, but use $_GET.

if( isset( $_GET['page'] ) ) {
  $page = $_GET['page'];
}

if( isset( $page ) ) {
  include( $page );
} else {
  include("main.php");
}

Now be careful however, this is easily exploited. I recommend doing something like this...

//...

if( isset( $page ) ) {
  if( $page == "news" ) {
    include( "news.php" );
  } elseif( $page =="otherpage") {
    include( "otherpage.php" );
  } else {
    include( "main.php") 
  }
}

This is really rough code, but be careful when using $_GET. It's easily exploited. I'm still learning too, so if there's anything wrong with my method please shout out 🙂.

djjjozsi

if you want to make lots of IF conditions to direct the visitor to a page interdependently of a variable from the visitor, lets create a SWITCH CASE while you're using 4-5 pages,

after a biggest amount of pages lets use database to $_GET the next page(s).

bretticus

You definitely need to make this more secure!!! I just executed php code on your website. Lucky for you, I am nice. 🙂

http://www.digitalgold.org/index.php?page=http://www.bretticus.org/evilhacker

Weedpacket

Just incidentally, you've got ".php" in the variable and you're attaching it in the include statement.

Good thing you made this mistake, or you might have gone live with a huge hole in your site 😃

Oh, and please don't post the same thing in multiple forums. People dislike the déjà vu it gives them.

Weedpacket

djjjozsi wrote:
if you want to make lots of IF conditions to direct the visitor to a page interdependently of a variable from the visitor, lets create a SWITCH CASE while you're using 4-5 pages,

Since this is just a job of matching one string to another, an array lookup would be enough; plus handling the case where the page requested is not one of the array's keys (i.e., is an invalid request).

bretticus

In other words, Weed means something along these lines:

<?php
$allowed_pages = array('portfolio', 'company', 'quotes', 'contact');
if ( isset($_GET['page']) && in_array($_GET['page'], $allowed_pages) ) {
   include($_GET['page'].'.php');
} else {
   echo "Page not found!";
}
?>

Weedpacket;10898775 wrote:
Good thing you made this mistake, or you might have gone live with a huge hole in your site

I assume you're being facetious? 🙂 Holes don't get any bigger than that!!!

djjjozsi

@: As a matter a fact, i've got a switch case generator 🙂 that's why i suggested the switch case 🙂

hello,
jjozsi

Horizon88

djjjozsi;10898781 wrote:
@: As a matter a fact, i've got a switch case generator 🙂 that's why i suggested the switch case 🙂

hello,
jjozsi

You shouldn't need to use a generator. A switch statement is unnecessary here, an in_array() check works fine and takes up far less space, and would also be easily modified to a database backed solution in the future.