Jump to content

[SOLVED] Need Help =\

starbai

By starbai
in PHP Coding Help

 Share

Recommended Posts

starbai Newbie

starbai

Posted
Posted

hello, well I've just started to use PHP, and i'm kinda puzzled why this was working before, but it doesn't on my new server.

 

I'm new to this stuff so please bare with me here.

 

My current server (linux) runs PHP version 5.0.5

 

I have my main page (index.php) and within index.php i'm including other php pages that constantly keeps changing depending on the link the user goes to, so the tag i'm using is

 

<?php include ("$id"); ?>

 

now when i go to http://www.domain.com/index.php?id=main  (which should call up main.php where I placed the above tag)

 

I get the following error:

 

Warning: main() [function.include]: Failed opening '' for inclusion (include_path='.:/usr/lib/php') in /home/xxxx/public_html/index.php on line 135

 

Now, On my previous server, everything worked like a charm! I switch servers and it stops working.

 

What gives?

 

thanks in advance!

Link to comment
Share on other sites
thebadbad Newbie

thebadbad

Posted
Posted

That's because you had register_globals turned on before, which is highly discouraged. register_globals makes you able to set a variable in your document via the query string, just like you did before. But that poses serious security risks, because every variable not set in the document could be set that way. Instead, to get what you want, you use $_GET['id'] to retrieve the value of 'id'. And before including your should also verify that the file is OK to include, maybe by having an array of OK files, and then check $_GET['id'] up against the array.

 

<?php
$page = $_GET['id'].'.php'; //I added the php extension or else you would have to include that in the 'id' too
$allowed_pages = array('main.php', 'some_file.php');
if (in_array($page, $allowed_pages)) {
include $page;
} else {
echo 'Bad id!';
}


?>

Link to comment
Share on other sites
starbai Newbie

starbai

Posted
  • Author
Posted

thanks for the fast reply! Sorry i'm a bit new so this is all new to me

 

one more question: in your code where it says:

 

$allowed_pages = array('main.php', 'some_file.php');

 

do i have to add all my pages that i intend to call in there? I'm guessing I do but just want to make sure.

 

thanks in advance!

Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.