starbai Posted January 27, 2008 Share Posted January 27, 2008 hello, well I've just started to use PHP, and i'm kinda puzzled why this was working before, but it doesn't on my new server. I'm new to this stuff so please bare with me here. My current server (linux) runs PHP version 5.0.5 I have my main page (index.php) and within index.php i'm including other php pages that constantly keeps changing depending on the link the user goes to, so the tag i'm using is <?php include ("$id"); ?> now when i go to http://www.domain.com/index.php?id=main (which should call up main.php where I placed the above tag) I get the following error: Warning: main() [function.include]: Failed opening '' for inclusion (include_path='.:/usr/lib/php') in /home/xxxx/public_html/index.php on line 135 Now, On my previous server, everything worked like a charm! I switch servers and it stops working. What gives? thanks in advance! Quote Link to comment https://forums.phpfreaks.com/topic/88024-solved-need-help/ Share on other sites More sharing options...
thebadbad Posted January 27, 2008 Share Posted January 27, 2008 That's because you had register_globals turned on before, which is highly discouraged. register_globals makes you able to set a variable in your document via the query string, just like you did before. But that poses serious security risks, because every variable not set in the document could be set that way. Instead, to get what you want, you use $_GET['id'] to retrieve the value of 'id'. And before including your should also verify that the file is OK to include, maybe by having an array of OK files, and then check $_GET['id'] up against the array. <?php $page = $_GET['id'].'.php'; //I added the php extension or else you would have to include that in the 'id' too $allowed_pages = array('main.php', 'some_file.php'); if (in_array($page, $allowed_pages)) { include $page; } else { echo 'Bad id!'; } ?> Quote Link to comment https://forums.phpfreaks.com/topic/88024-solved-need-help/#findComment-450363 Share on other sites More sharing options...
starbai Posted January 27, 2008 Author Share Posted January 27, 2008 thanks for the fast reply! Sorry i'm a bit new so this is all new to me one more question: in your code where it says: $allowed_pages = array('main.php', 'some_file.php'); do i have to add all my pages that i intend to call in there? I'm guessing I do but just want to make sure. thanks in advance! Quote Link to comment https://forums.phpfreaks.com/topic/88024-solved-need-help/#findComment-450366 Share on other sites More sharing options...
thebadbad Posted January 27, 2008 Share Posted January 27, 2008 No problem And yes, you should. Quote Link to comment https://forums.phpfreaks.com/topic/88024-solved-need-help/#findComment-450370 Share on other sites More sharing options...
starbai Posted January 27, 2008 Author Share Posted January 27, 2008 yeah you beat me to it, i added in all the pages and it works. thanks again for that fast reply...i was ripping my hair out for the last 5 hours trying everything except what you posted Quote Link to comment https://forums.phpfreaks.com/topic/88024-solved-need-help/#findComment-450371 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.