AndrewBilham Posted March 2, 2016 Share Posted March 2, 2016 (edited) Good morning, I firstly would like to apologise as I know this is a common question and I am new to coding so would like to clarify a couple of points. I am building a 'console' which will allow users to change, update or do certain things. At present I have a registration form, login, MySQL that all work together as well as a few static pages. I have the 'console' page with a second menu bar which lets the user select which action/area they want to change or action. Rather than creating a bunch of static pages and just using <a href=""> I wanted to load the content of these pages into the content <div> No problem with using the include but from my research I cannot reload the php to pass the relevant variable without re loading the page which then I might as well reload another static page? (when I say static I am still using SQL to pull user information for certain sections of the content) Next option was storing the content in a database and using a query to pull the data, but wasn't sure how this would effect SEO not having the actual pages. Third option was some sort of function to call content from each of the PHP files and insert into the <div> Opinions please Edited March 2, 2016 by AndrewBilham Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted March 2, 2016 Share Posted March 2, 2016 (edited) Putting the pages into a database is not an option if they contain PHP code (you should stop calling that “static”, by the way). There's a huge risk that an attacker finds a way to manipulate the pages, either through an SQL injection attack or your admin interface. If that happens, the attacker can execute arbitrary PHP code on your server, which is the absolute last thing you want. Including the pages into a main script also isn't a good idea, because this means there will be implicit dependencies all over the place. The pages will pull their variables seemingly out of nowhere (from the main script, actually), which makes the code error-prone, hard to read and just ugly. I'd go with a separate script for each page and a template engine like Twig. Template engines are perfect for creating “almost static” pages and embedding different contents into a common layout. Edited March 2, 2016 by Jacques1 Quote Link to comment Share on other sites More sharing options...
AndrewBilham Posted March 2, 2016 Author Share Posted March 2, 2016 ok thank you Rules out a few of the options, so to clarify and again I do apologise as I am new and no amount off online/book/courses training can prep you for these 'real world' issues. can you clarify what you mean by create a script for each page, my plan now was create the pages and store them in a folder and then run an <a> which puts the id at the end of the address when they click the menu item something like the below to then select the page: <?php include $id = $_GET['id']; if (!isset($id)) { include "home.html"; } else if ($id === 1) { include "profile.php"; } else if ($id === 2) { include "something else.php"; } ?> Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted March 2, 2016 Share Posted March 2, 2016 There's no point in assigning IDs to the pages and including them in some main script. Simply create one standalone script for each page. If you have common functionalities which are needed on multiple pages, use PHP functions. If you have a common layout, use templates. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.