Jump to content

include files


imagine1

Recommended Posts

I don't really know what you mean. But including file isn't that complicated.

 

Example:

<?php
// Check if file is set and filter it with preg_match, both have to be true to assign a value from $_GET
$file = isset($_GET['file'] && preg_match('#[a-z0-9_-]#iu', $_GET['file'])) ? $_GET['file'] : "your_default_include";
if(file_exists($file . '.php'))
{
    include($file . '.php');
}
?>

You could also have an array where all allowed files are defined:
<?php
$files = array(
             "file1" => "some/path/to/file1.php",
             "file2" => "more/files/file2.php",
             "default_file" => "default_file.php"
         );
$file = isset($_GET['file']) ? $_GET['file'] : "default_file";
include($files[$file]);
?>

Link to comment
https://forums.phpfreaks.com/topic/222548-include-files/#findComment-1150981
Share on other sites

// Check if file is set and filter it with preg_match, both have to be true to assign a value from $_GET
$file = isset($_GET['file'] && preg_match('#[a-z0-9_-]#iu', $_GET['file'])) ? $_GET['file'] : "your_default_include";
if(file_exists($file . '.php'))
{
    include($file . '.php');
}
?>

Be careful.

index.php?file=index

Link to comment
https://forums.phpfreaks.com/topic/222548-include-files/#findComment-1150982
Share on other sites

Thanks a lot for your replies!

 

I have in mind file_get_contents... But when i want to get the content of a file with encoding utf8 or the file has to send data through a form i have problem ...

 

What i want to do is for example...

 

include ("db.php");

 

The file db.php contains the connections with database and appear error message encoding in utf8 ....

 

or include('form.php'); which contains variables like $_POST['name']; and messages encoding in utf8...

Link to comment
https://forums.phpfreaks.com/topic/222548-include-files/#findComment-1150983
Share on other sites

Actually now I don't know what you are trying to do at all. =)

 

You asked for help for including files. The keystone there is that you should always have a very strict rules to include files when using $_GET.

 

But what are you actually trying to do? If you have all your files saved as UTF-8, you have your charset headers and meta-tags ok. You have set your PHPs internal encoding to UTF-8 and you have set your MySQL database to UTF-8. And you check request header for charset. And even could try to validate if given data is in utf-8 form and otherwise you could just discard the data and show an error message. There is a function to check if data is valid UTF-8 somewhere in PHP.net user comments. don't remember where tough.

 

If all that is OK. You will have absolutely no worries regarding charsets. What's the problem now?

Link to comment
https://forums.phpfreaks.com/topic/222548-include-files/#findComment-1150989
Share on other sites

Can you give an example what you mean by "The keystone there is that you should always have a very strict rules to include files when using $_GET"...

 

I have done all you said about mysql and utf8...

 

I have read to a php tutorial that when you include files by include(../file.php) is valnurable to attacks....So it is suggested to use file_get_contents(../file.php). The problem is that file_get_contents() doesn't work fine when the contents of a page are encoded in utf8 or should send data through a form...

 

Any help????

Link to comment
https://forums.phpfreaks.com/topic/222548-include-files/#findComment-1151076
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.