Would this effect my sites security and am I doing it right?

jwilson122

Hey! I have a site, a folder, and a .php file inside of that folder... so it would be: http://www.example.com/foldername/phpfile.php well, would it effect my security to make that URL: http://www.example.com/foldername/?phpfile
??

I would create a index.php file inside that folder to be the root / main file.
index.php

    <?php

if (isset($_GET['phpfile']))
{
   include('phpfile.php');
}
else
{
   echo "Invalid Page!";
 }

?>

Am I doing it correct? Or is there a better way to do it? And will it effect the security of my site? Also, give me your opinion on me actually doing this for most of my sites logged in members!

Thanks in advance!

laserlight

Why not configure your webserver to serve phpfile.php when the user accesses http://www.example.com/foldername/phpfile ?

jwilson122

laserlight;10967020 wrote:
Why not configure your webserver to serve phpfile.php when the user accesses http://www.example.com/foldername/phpfile ?

Thats true.. Do you know how I can do that?

laserlight

A quick search brings up Rewrite URLs with Content Negotiation.

jwilson122

laserlight;10967022 wrote:
A quick search brings up Rewrite URLs with Content Negotiation.

hmm, okay thanks. For some reason my hta access does not work :/