Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New to the CF scene
    Join Date
    Aug 2010
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Smile php, refresh problem, or Get problem

    Hi all, New to the forum and just starting out with php. I'm building a test site to learn and i have run into my first bug.

    Ok, so my understanding is i can use php to make only specific parts of my page reload or "flicker" when i change urls from the index.php page. Sounds simple enough, I used the following code and placed it in all the divs i would like to be dynamic.
    [CODE]<?php $page = $_GET ['page']; if ($page) {include ("inc/cookiecrumb/".$page.".php");}else { include('inc/cookiecrumb/_default.php'); }?>[CODE]

    ok so here i have two pages. One is "cookiecrumb.php" and the other is "_default.php"

    I would like both of the pages inserted into the index.php, that's the page that has the php code. And that works, I get the pages populated correctly and there are no hiccups there. But I don't know how to make it so index.php loads only the php pages when redirected to a new url. Right now it reloads all the flash and other stuff and the page flickers.

    So, i would like to know how i can make it so that does not happen.

    Hope that makes sense.

    Thanks in advance for all your feedback and help.

  • #2
    Senior Coder timgolding's Avatar
    Join Date
    Aug 2006
    Location
    Southampton
    Posts
    1,519
    Thanks
    114
    Thanked 110 Times in 109 Posts
    You code is a security risk. Users may be able to access sensitive info from your server. Look at validating $_GET['page'] before using it in an include.
    You can not say you know how to do something, until you can teach it to someone else.

  • #3
    New Coder
    Join Date
    Aug 2010
    Location
    India
    Posts
    42
    Thanks
    0
    Thanked 5 Times in 5 Posts
    First make it secure, as "timgolding" said. You are using user supplied data directly to fetch the file contents. I can submit HTML with any value and your code would show me the contents of that.

    Try having a table (or associative array of the filenames)
    array( 1 => "cookiecrumb.php",
    2 => "someother.php",
    3 => "_default.php"
    );


    get only 1 or 2 or 3 from user and include files based on that

    switch($user_supplied_data)
    {
    case 1: include "dir/cookiecrumb.php"; break;
    case 2:
    ....
    ..
    default:
    }


  •  

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •