PHP Include Issue

  • Resolved itado

    (@itado)


    18 years, 1 month ago

    I’m having some problems with my php include via url specification.

    The way I have it setup is with

    <?php if(!isset($go)) { $go = ‘root’; } ?>

    in the header and

    <? include($go.”.inc”); ?>

    somewhere in the middle of the index.php document.

    The way this is supposed to work is to type in “https://…/index.php?go=XXX&#8221; into the address bar of the browser, where XXX is the name of the file you want index.php to include into the middle of the document where “<? include($go.”.inc”); ?>” is. The files have the “.inc” extension just for asthetics.

    I’m using my own custom theme that’s still being developed, but the theme itself shouldn’t affect the functionality of this simple PHP script. Unfortunately, it’s not working. I’ve tried inserting the first PHP line into the tops of both the main index.php in the root directory, AND the index.php in the theme directory. Neither one has been successful.

    Here is the problem: Everytime I specify a different file in the url, like “index.php?go=info”, it will still load root, as if I’d typed “index.php?go=root” into the url.

    Anyone got any ideas as to why this is? Possible solutions or alternatives?

Viewing 11 replies - 1 through 11 (of 11 total)

  • I think with if(!isset($go)) you are assuming that register_globals is on, when in fact it isn’t. Instead, you’re probably trying to test for if(!isset($_REQUEST['go'])).

    However, I hope you will reconsider the approach you’re taking. It seems like a major security risk: all someone has to do is specify their own script’s path for the “go” parameter, and who knows what you’ll be including.

    Thread Starter itado

    (@itado)

    Got any ideas for an alternative? This issue has put up a road block on my entire development. I’ve been wracking my brain all day and can’t think of a different way to do it…

    To suggest an alternative I would need to know what you’re trying to accomplish.

    Thread Starter itado

    (@itado)

    I’ll try to paint a textual illustration of it…

    I have a site with a header image, 5 navigation options, and two boxes side by side scaling downward. See here: https://www.itado.net

    The first page (root), the one with wordpress controlling the blog, is the usual index.php that pulls the header.php and footer.php into it. It throws the posts into the right box and the calendar and categories into the left.

    What I want, is for the separate nav options to pull totally different content into those two boxes, while still utilizing the same index.php/header.php/footer.php.

    This php include method has worked for the past in general, and the last time was with MovableType…but something is amuck with it working with WordPress…or perhaps it’s a different version of PHP on the hosting server. I haven’t figured that out yet.

    Sorry, but I don’t understand how that involves user-submitted GET requests.

    Thread Starter itado

    (@itado)

    Basically I’ll have a couple snippet files called “root.inc” and “info.inc”, for example. I want to be able to specify in the url like “index.php?go=root” or “index.php?go=info” and have it load the contents of those files inside the page.

    But why not specify the path to be included internally, so that not just anyone can include an arbitrary file?

    For example, if you have three possible include files, a.inc, b.inc., and c.inc, you could say that if $_GET[‘pageA’] is set, then you’ll include a.inc, etc. That way, you control what the options for include files are.

    Thread Starter itado

    (@itado)

    That sounds like a much better/secure way of doing it… but I don’t know enough PHP to make it happen. Care to lend a guy a hand?

    if ( isset( $_GET['pageA'] ) ) {
    include($fileA);
    }
    elseif ( isset( $_GET['pageB'] ) ) {
    include($fileB);
    }

    is roughly what I had in mind.

    Thread Starter itado

    (@itado)

    Bingo! Thanks a bunch filo. I’m using that and <a href="?page=XXX">. Works like a charm.

    what are you planning to us eit for?

Viewing 11 replies - 1 through 11 (of 11 total)
  • The topic ‘PHP Include Issue’ is closed to new replies.