Jump to content

A better way to do this?

jdubwelch

By jdubwelch
in PHP Coding Help

 Share

Recommended Posts

jdubwelch Regular Member

jdubwelch

Posted
Posted

Okay.  I have multiple database driven sites that are running off of the same "skeleton".  ("skeleton" meaning that it's reading in an id, and based on that id it gets that info from the database).

 

I'm wondering if I'm doing this the right way, or if there's a better way to do it with sessions or cookies or some other way. Just want to see what ya'll think  ;)

 

So, my skeleton is made of up 2 main pages: index.php and tags.php which both use included header.php & footer.php files. 

 

The skeleton and "id pages" are under different urls.

 

The "id pages" have index.php & tags.php and look like this:

<?php
$team_id = 1; // other "id pages" will read in other id's
if (isset($_GET['date'])) {	
	$date = $_GET['date'];
	$link = "&date=$date";
}
if (isset($_GET['source_id'])) {
$source_id = $_GET['source_id'];
$link = "&source_id=$source_id";
}	
include ("http://www.oneclicksportsnews.com/sites/index.php?team_id=$team_id" . $link);
exit();
?>

 

Tags.php is similar:

<?php
$team_id = 1; // other id pages will have the differenent id.
$tag = $_GET['tag'];
include ("http://www.oneclicksportsnews.com/sites/tags.php?tag=$tag&team_id=$team_id");
?>

 

then the SKELETON index.php:

<?php
$team_id = $_GET['team_id'];
include ('header.php');
// all the index content would be here
include ('footer.php');
?>

 

Tthe SKELETON tags.php is basically the same as index, but it's just showing different data.

 

My problem I guess is the just double up of each page that I have to do under each different url.  Right now I only have 3 different "id's" reading into it.  But later on down the road when there's 20 sites and I want to add something, I don't want to have to add a new page just telling it what id to read in for 20 different sites.

 

Does that make any sense at all?

 

 

Link to comment
https://forums.phpfreaks.com/topic/91822-a-better-way-to-do-this/
Share on other sites
sKunKbad Advanced Member

sKunKbad

Posted
Posted

You should examine a book that talks about php security. I can see no validation of variables in your provided scripts. If at some point your script is querying the database for the values of $date and $source_id, it may not take much for a clever hacker to inject some malicious SQL into your database.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.