Web Design Forum: index.php?page= - Web Design Forum

Jump to content

WDF
WDF Premium Memberships Reseller Hosting
Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

index.php?page= Rate Topic: -----

#1 User is offline   Kix 

  • Forum Newcomer
  • Pip
  • Group: Members
  • Posts: 6
  • Joined: 29-November 09
  • Reputation: 0
  • Gender:Male
  • Location:Newcastle
  • Experience:Beginner
  • Area of Expertise:Designer/Coder

Posted 13 March 2010 - 02:11 AM

Hello. I would like to make my web pages URL's to be like "http://www.example.com/index.php?page=example"
Instead of "http://www.example.com/index.html".

How would I do that? Ive tried searching, but I haven't had any luck.
0

#2 User is offline   webdesigner93 

  • Web Guru
  • PipPipPipPipPip
  • Group: Members
  • Posts: 1,976
  • Joined: 22-September 09
  • Reputation: 222
  • Gender:Male
  • Experience:Web Guru
  • Area of Expertise:Web Developer

Posted 13 March 2010 - 02:51 AM

View PostKix, on 13 March 2010 - 02:11 AM, said:

Hello. I would like to make my web pages URL's to be like "http://www.example.com/index.php?page=example"
Instead of "http://www.example.com/index.html".

How would I do that? Ive tried searching, but I haven't had any luck.


Create a get variable first 

<?php
$url = $_GET['page'];

//Check to see if url equals to a certain value

if($url === 'example'){
//Do code
}

//Write the url like this 

echo "<a href='index.php?page=example'>Link</a>";
?>


If this helped please +1 me if u dont mind :)
1

#3 User is offline   TopShopper 

  • Expert
  • PipPipPipPip
  • Group: Members
  • Posts: 878
  • Joined: 21-July 09
  • Reputation: 14
  • Gender:Male
  • Location:Cardiff, UK
  • Experience:Intermediate
  • Area of Expertise:Coder

Posted 13 March 2010 - 08:25 AM

To go directly to page replace '//Do Code' above with:
header("Location: "/index.html");
  exit();

1

#4 User is offline   Kix 

  • Forum Newcomer
  • Pip
  • Group: Members
  • Posts: 6
  • Joined: 29-November 09
  • Reputation: 0
  • Gender:Male
  • Location:Newcastle
  • Experience:Beginner
  • Area of Expertise:Designer/Coder

Posted 13 March 2010 - 12:00 PM

Thank You both for helping.
0

#5 User is online   notbanksy 

  • Refreshingly Belligerent Marxist
  • PipPipPipPipPip
  • View gallery
  • Group: Members
  • Posts: 3,937
  • Joined: 14-February 08
  • Reputation: 183
  • Gender:Male
  • Location:Darkest rural Somersetshire
  • Experience:Advanced
  • Area of Expertise:Copywriter

Posted 13 March 2010 - 12:30 PM

View PostTopShopper, on 13 March 2010 - 08:25 AM, said:

To go directly to page replace '//Do Code' above with:
header("Location: "/index.html");
  exit();


I don't think this is what the OP was getting at. This code simply redirects to the page stated in the code, it doesn't retrieve the content from a database which to me seems like the only reason you would use a url like example.com?page=example

webdesigner93 is on the right track, but where it says //do code, I would be more inclined to suggest pulling the relevant content from a database. That way, one php page controls the output for all the pages on the website.
0

#6 User is offline   TopShopper 

  • Expert
  • PipPipPipPip
  • Group: Members
  • Posts: 878
  • Joined: 21-July 09
  • Reputation: 14
  • Gender:Male
  • Location:Cardiff, UK
  • Experience:Intermediate
  • Area of Expertise:Coder

Posted 13 March 2010 - 01:46 PM

View Postnotbanksy, on 13 March 2010 - 12:30 PM, said:

I don't think this is what the OP was getting at. This code simply redirects to the page stated in the code, it doesn't retrieve the content from a database which to me seems like the only reason you would use a url like example.com?page=example

webdesigner93 is on the right track, but where it says //do code, I would be more inclined to suggest pulling the relevant content from a database. That way, one php page controls the output for all the pages on the website.


Hmm, you may be right.
0

#7 User is online   rallport 

  • Web Guru
  • PipPipPipPipPip
  • Group: Members
  • Posts: 3,814
  • Joined: 03-January 10
  • Reputation: 266
  • Gender:Male
  • Location:England, UK
  • Experience:Advanced
  • Area of Expertise:Web Developer

Posted 14 March 2010 - 11:38 AM

View Postwebdesigner93, on 13 March 2010 - 02:51 AM, said:

Create a get variable first 

<?php
$url = $_GET['page'];

//Check to see if url equals to a certain value

if($url === 'example'){
//Do code
}

//Write the url like this 

echo "<a href='index.php?page=example'>Link</a>";
?>


If this helped please +1 me if u dont mind :)


Ouch <_<

What happens if you have 'allow_url-fopen' turned on? An attacker you open files on your server.

You shoudl really be doing one of a few things.

  • get the value of $url against an array of allowed values
  • use a simple swicth statement
  • You could also use a regex to stop an attacker traversin directories (see below)
$UEL = preg_replace('/\W/si', '', $_GET['page']);


The above would filter something like http://www.evilsite.com to httpevilsitecom.
0

#8 User is online   rallport 

  • Web Guru
  • PipPipPipPipPip
  • Group: Members
  • Posts: 3,814
  • Joined: 03-January 10
  • Reputation: 266
  • Gender:Male
  • Location:England, UK
  • Experience:Advanced
  • Area of Expertise:Web Developer

Posted 14 March 2010 - 11:40 AM

View Postnotbanksy, on 13 March 2010 - 12:30 PM, said:

I don't think this is what the OP was getting at. This code simply redirects to the page stated in the code, it doesn't retrieve the content from a database which to me seems like the only reason you would use a url like example.com?page=example

webdesigner93 is on the right track, but where it says //do code, I would be more inclined to suggest pulling the relevant content from a database. That way, one php page controls the output for all the pages on the website.


Tep definately.

Simply redirecting to another page remves all the benefits of such an url structure (E.g. easier site updating, keeping content in single files, make site wide changes easily etc.).
0

#9 User is offline   webdesigner93 

  • Web Guru
  • PipPipPipPipPip
  • Group: Members
  • Posts: 1,976
  • Joined: 22-September 09
  • Reputation: 222
  • Gender:Male
  • Experience:Web Guru
  • Area of Expertise:Web Developer

Posted 14 March 2010 - 01:30 PM

View Postrallport, on 14 March 2010 - 11:38 AM, said:

Ouch <_<

What happens if you have 'allow_url-fopen' turned on? An attacker you open files on your server.

You shoudl really be doing one of a few things.

  • get the value of $url against an array of allowed values
  • use a simple swicth statement
  • You could also use a regex to stop an attacker traversin directories (see below)
$UEL = preg_replace('/\W/si', '', $_GET['page']);


The above would filter something like http://www.evilsite.com to httpevilsitecom.

Ok well heres an updated and more secure way then
$url = $_GET['page'];
$allowed_values = array('example','example2'.'example3');
//Check to see if url equals to a certain value
if(in_array($url,$allowed_values){
if($url === 'example')
{
//Do code
}
}else{
echo "<p>The action you have performed is invalid!</p>";
}
//Write the url like this 
echo "<a href='index.php?page=example'>Link</a>";?>

0

#10 User is online   rallport 

  • Web Guru
  • PipPipPipPipPip
  • Group: Members
  • Posts: 3,814
  • Joined: 03-January 10
  • Reputation: 266
  • Gender:Male
  • Location:England, UK
  • Experience:Advanced
  • Area of Expertise:Web Developer

Posted 14 March 2010 - 02:48 PM

:)
0

Share this topic:


Page 1 of 1
  • You cannot start a new topic
  • You cannot reply to this topic

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users