Page 1 of 1

Includes or not?

Posted: Wed Dec 01, 2004 4:14 pm
by davidjwest
I just want some general advice really.

I've got a simple bit of PHP which I am using in the game I am designing and wonder the best way to utilise it.

I'm a very new PHP programmer so I know very little about things like includes etc.

The bit of code in question generates a random driver for the player (it's a motor racing game) and they will have a button/link to click on their team page to hire and fire drivers.

So when they click the button I want the code to be called, the driver displayed on the page and the data written to the database.

I could simply transfer the whole script over so it's all in one script but wondered if there was a more elegant way to do it, such as an includes or is it possible to have "external functions".

Any advice about which method is best is appreciated thanks.

Posted: Wed Dec 01, 2004 4:56 pm
by rehfeld
its common practice to have a file w/ COMMONLY used functions/classes in it, and include that unconditionally.
it just makes for less cluttered/easier to manage code

then only include more code if you need it for that page request

if your not sure if the code will need to be used for the current request, using a conditional include is generally a good idea.

includes do take extra resources, so dont start doing 25 includes per script.


its a balance youll need to consider. like lets say you have 10,000 lines of code, and 9 out of 10 page request only use 2000 lines of that code.
you would want to break it down into smaller files, and include only if needed.


functions should generally be used for anything that is likely to be done more than 1 time in a script.


im being very general here, to everything ive said there will of course be exceptions.


heres some dos and donts

Code: Select all

// DO

if (isSet($_GET['action'])) {
     if ($GET['action'] == 'hire') {
          include('includes/hire.php');
     } elseif ($GET['action'] == 'fire') {
          include('includes/fire.php');
     }

}


// DONT!!!!

include('includes/' . $_GET['action'] . '.php');

the reason you dont want to do that, is because while you may be expecting the user to click the url

your_script.php?action=fire

they could enter a url like

your_script.php?action=../../../file_they_shouldnt_access

and so on.

you will likely see lots of tutorials doing just that, and it is terrible.

Posted: Wed Dec 01, 2004 5:08 pm
by Todd_Z
Something i like to do is have an array of possible values ...

Code: Select all

<?php
$values = array( "Hire", "Fire" );

if ( in_array($_GET['action'], $values )
  include("includes/".$_GET['action'].".php");

?>
Basically I use this because its very easy to expand, and I usually use it for my main page, and the constantly expanding amount of pages... so this is very simple and safe to use.

Posted: Wed Dec 01, 2004 5:28 pm
by josh
If you need to include a file that defines some functions you should actually use include_once (to prevent any errors about redefineing functions)