11-27-2010, 04:42 PM
I wonder how can i use the link like this:
index.php?site=home f.eks

I have no idea how i can do that.

I have tried this code but it only shows 1 file even if i change the url

if(!isset($site)) $site="news";
$invalide = array('\\','/','//',':','.');
$site = str_replace($invalide,' ',$site);
if(!file_exists($site.".php")) $site = "news";

11-27-2010, 05:47 PM
it's possible that register_globals is off, which means that $site is never set, and in your code that means it would always default to news. Try using $_GET['site'] instead.

Also, you have to be really careful when including files based on the GET parameters. I would create an array of valid "sites" and check the GET parameter against them, as shown below. Note that you'll have to add all the valid possible values for $site to the $valid_sites array.


$valid_sites = array( 'news', 'home', 'etc' );
$site = 'news'; //default

// check to see if $_GET['site'] is set AND that
// the given site exists in our $valid_sites array
if ( isset($_GET['site']) && in_array($_GET['site'], $valid_sites) ) {
$site = $_GET['site'];

// Just an extra security precaution. basename()
// will strip out any path information and return only a
// filename
$site = basename($site);

if ( !file_exists($site . '.php') ) {
$site = 'news';

require_once($site . ".php" );

11-27-2010, 06:04 PM
