...

View Full Version : name.php?id=



GO ILLINI
09-07-2005, 03:49 AM
sorry new to php? 5 second script though it seems.
I have a page that acts as a gateway to all other pages right now but my script is to complex.
I want page.php?id=9th_mythic_funcube_v1
right now its in an array and id=0 will give you first one 1 second one and so on but i changed my mind and just want id.php but include $id.php didnt work.
ideas?

EDIT: I would also like there to be an else map_error.php includei can use something like allowed.txt or something but i dont wanna make any long list internal.(easier to add to database if external.

missing-score
09-07-2005, 04:19 AM
I think you mean you want to include the file shown in the id... this is a very bad idea, becuase somebody could start including files you dont want them to! The best bet is to have an array of keys and values to check in (like this):



<?php
$pages = array();

$pages['first_page.php'] = 'first_page';
$pages['9th_mythic_funcube_v1.php'] = '9th_mythic_funcube_v1';
$pages['second_page.php'] = 'second_page';
?>


You can list as many pages as you need, using a similar format to the others... Then, when the user visits your page, use the $_GET var ($_GET is the proper way to retrieve URL variables (eg: page.php?id=123&value456)...



<?php
if(false !== ($pagename = array_search($_GET['id'], $pages)))
{
require($pagename);
}
else
{
require('error_page.php');
}
?>


Hope that may help you out a bit.

GO ILLINI
09-07-2005, 02:01 PM
yes it does thanks. But is there a way to have the allowed pages in another file? because I plan to have alot of pages. like allowed.txt?

delinear
09-07-2005, 02:44 PM
Put the pages array in your separate file called whatever you want, e.g. "allowed.php":


<?php
//content of allowed.php
$pages = array();

$pages['first_page.php'] = 'first_page';
$pages['9th_mythic_funcube_v1.php'] = '9th_mythic_funcube_v1';
$pages['second_page.php'] = 'second_page';
?>

Then in your main script use an include() to include the contents of your separate file:


<?php
include_once('allowed.php');
if(false !== ($pagename = array_search($_GET['id'], $pages)))
{
require($pagename);
}
else
{
require('error_page.php');
}
?>

GO ILLINI
09-09-2005, 11:16 PM
what woul;d the script be for a box thats kind of a search box... what i mean is that i dont want it to be a database or anything i just want it to be a box that adds "http://adamsworld.name/css/maps.php?search=yes&id="before what you enter so it will be:
http://adamsworld.name/css/maps.php?search=yes&id=(what you enter)
what i want search for is a different error_page_search.php if search = yes but if it = nothing or doesnt exist it will go to error_page.php(normal one). So I can keep my links without search, but the box will add it along with the rest of the link.
-Thanks

Yaggles
09-10-2005, 06:28 AM
Cant you do this:


$id = $HTTP_GET_VARS['id'];

if(!isset($id) || $id == '')
{
include('index.php');
}
if(!file_exists('domain.com/directory/' . $id . '.php'))
{
die('404 file not found!');
}
else
{
include('domain.com/directory/' . $id . '.php');
}


That's safe because users can only include files that are in that directory (or subdirectories) and have the extension .php. They can't include a bad file from their site because it's not in that directory. If it was just include($id . '.php'), then you could do this: ?id=http://domain.com/badscriptthaterasesyourdatabaseanddestroysyourfiles and it wuold work. But with it needing to be in that directory, unless someone else has access to your FTP and uploads the file, they couldn't do that.

See what I'm saying? Am I being too... repititous? I just like this idea better because then you don't need to edit that file everytime you make a new file and want to allow it. It is always allowed. Of course, you can always make a dissallowed files file if you want...
-Yaggles

GO ILLINI
09-10-2005, 06:34 AM
thanks ill try it out
but any ideas with my "search" box?

Yaggles
09-10-2005, 06:44 AM
I dont know... I would have to think about it it a bit. Sorry. If I figure it out, I'll post here, if no one already did! ;)

-Yaggles



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum