$_GET with Includes - Starting Off

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
User avatar
$var
Forum Contributor
Posts: 317
Joined: Thu Aug 18, 2005 8:30 pm
Location: Toronto

$_GET with Includes - Starting Off

Post by $var »

Okay, first off, this is a very exciting and useful function as far as showing the proper content to the proper access levels, and that is what I am thinking that my project will have to employ...

However, this is the very first that I have actually realized it.

Using the very most basic of $_GET/include functions, what does the code look like at the beginning?
I know that once I get the basics of this philosophy, I will be able to do what I need to, but that's the crux... the basics.

Say I have a HEADER table that has the links in it
and a BODY table that is by default "index.inc"

In my mind, it looks like this, but I have a feeling I am way off:

Code: Select all

<td> 
     <a href= "<? include($_GET['contact.inc']); ?>" target="<? SOME VALUE THAT I DON'T KNOW; ?>">Contact Us</a> 
 </td>
 <td>
<? include("index.php"); ?>
 </td>

What is the intial structure of the links, and what value do you pass... to where?
I hope that this isn't too trivial a thought... It's really where I don't get the process.

Thanks
User avatar
Burrito
Spockulator
Posts: 4715
Joined: Wed Feb 04, 2004 8:15 pm
Location: Eden, Utah

Post by Burrito »

I don't understand what you're asking at all.

what I can see from your code is that you're trying to include a file that has a name that is associated with the value of the contact.inc key in the $_GET array.

if you're asking if this is typical? No, not at all...why would you include a file name for the href attribute of your anchor tag. In this case, the file could only include a single line of text with the value of the href....why not just include that line on the page?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

first off, you have extremely high potential for hacking if that code is employed without some serious filtering/translation and validation. So be careful here. Next, I wouldn't waste time including lots of files when a single file with all the variable settings in it will suffice and be easily reusable throughout the rest of the page.
User avatar
$var
Forum Contributor
Posts: 317
Joined: Thu Aug 18, 2005 8:30 pm
Location: Toronto

Post by $var »

feyd,

i really like the way you handle moderation, it's very gentle, and non assuming... i respect that so much as you are obviously a high level software programmer.

I suppose that what i am asking is something that I need to hunker down and figure out...
I really don't understand how to link up the buttons with the variables, that is the stumbling block I am at.


( i just shot what seemed reasonable to me, because I have noticed that even the slightest effort on the newbies behalf get's a warmer response, and when it is wrong, it is even more subject to suggestion... smartie pantses love to point out errors)
User avatar
Burrito
Spockulator
Posts: 4715
Joined: Wed Feb 04, 2004 8:15 pm
Location: Eden, Utah

Post by Burrito »

8O ...undertones of implication... 8O

now that you've posed your question so that it's a little easier to understand, I will try to answer it for you.

number 1 is assumption based on what you previously posted:

1) you are trying to provide different link options for different user levels
2) you are unclear as to where or how to insert those different links based on the different levels

As Feyd suggested, you need to be aware of the security risks (especially when dealing with the $_GET array). I would recommend using SESSION variables instead. There is still a chance that you can be hacked, but the likelyhood decreases significantly when dealing with SESSION variables vs POST or GET variables. Hit up Roja for a detailed description of security with variables.

here is a small snippet of a way you can set the page based on user levels:

Code: Select all

switch($_SESSION['userlevel'])
{
  case "admin":
  $page = "admin.php";
  $view = "Admin Page";
  break;
  case "regularuser":
  $page = "user.php";
  $view = "User Page";
  $break;
  case "guest":
  $page = "guest.php";
  $view = "Guest Page";
  $break;
}

echo "<a href=\"".$page."\">".$view."</a>";
if that doesn't address your question(s), let me know.

Mr. SP.
Post Reply