chrisjunkie Posted October 16, 2006 Share Posted October 16, 2006 Hi there people,As i am a n00b ;D I need to ask questions heheheWhat i want to do is have it so i can type index.php?page=1 and have page 1 show up. I know this can be done and I have looked at php code that does this but i cant quite nut it out. Any help greatly appreciated Quote Link to comment Share on other sites More sharing options...
trillion Posted October 16, 2006 Share Posted October 16, 2006 if you enter in the url test.php?category=testthis code in test.php file:[code]<?phpif ($category == "test") { echo "<div id='test'> TEST!</div>";}?>[/code]will return: TEST!but register globals has to be on Quote Link to comment Share on other sites More sharing options...
akitchin Posted October 16, 2006 Share Posted October 16, 2006 do NOT expect to be able to use $category locally upon entering a URL like that. register_globals has been turned off by default since PHP something.or.other.that's.fairly.old.use superglobals like $_GET['category']. read more about it in the manual, and/or here in the FAQ/code snippets forum because this is a very common question. Quote Link to comment Share on other sites More sharing options...
xsist10 Posted October 16, 2006 Share Posted October 16, 2006 It depends on where you are going to be storing page 1.Will it be pulled from a database or from a file?[code]<?phpif ($_GET["page"]) { require_once("/pages/". $_GET["page"] .".php");}?>[/code]or [code]<?phpif ($_GET["page"]) { // get page from database $sql = 'SELECT contents FROM pages WHERE id='. $_GET["page"]; // use your database engine / class / generic to get the result // $db->getOne($sql); <--- Pear DB Manager echo $result;}?>[/code]Just remember to untained $_GET["page"] to prevent SQL injections or file redirects. Quote Link to comment Share on other sites More sharing options...
redarrow Posted October 16, 2006 Share Posted October 16, 2006 Always valadate a $_GET ok. Quote Link to comment Share on other sites More sharing options...
xsist10 Posted October 16, 2006 Share Posted October 16, 2006 I remember at least passing all your user-received values through something like this:[code]<?phpfunction removeBadWords($src) { $filter = array("INSERT INTO ", "SELECT ", "UPDATE ", "JOIN ", "UNION ", "MODIFY TABLE ", ";", "DELETE "); $replacements = array_fill(0, count($filter), ""); return addslashes(strip_tags(str_ireplace($filter, $replacements, $src)));}?>[/code] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.