|
|
Posted by juglesh on 12/08/05 20:38
thomas_okken@hotmail.com wrote:
> Juha Suni wrote:
> > thomas_okken@hotmail.com wrote:
> > > So, I separated all the common elements into
> > > separate files, and put PHP 'include' tags wherever needed to include
> > > them.
When beginning PHP, this sounds great, and it does beat the hell out of
manually updating stuff. But, you still wind up having to edit all
your pages if you do a major change.
Instead of including the header/footer/etc on each of your pages, try
having the header/footer on your index.php, then include the content as
needed. You will wind up having links that look like
www.domain.com/index.php?page=home,
www.domain.com/index.php?page=contact etc.
and your index.php may look like:
Tile of Website, we're on the world wide interweb!
<?php include $_GET['page'].'htm'; ?>
Here is the Footer
As soon as you get that going, you'll need to look up XSS, or cross
site scripting. Here is some code to get you safe:
$pages = array( 'contact', 'links', 'aboutus', 'home');
if( in_array($_GET'[page'], $pages) ) { include $_GET['page'].'htm'; }
else { die("Nice Try."); }
hth
--
juglesh
Navigation:
[Reply to this message]
|