Includeing a file

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
oldtimer
Forum Contributor
Posts: 204
Joined: Sun Nov 03, 2002 8:21 pm
Location: Washington State

Includeing a file

Post by oldtimer »

Okay first of all I use includes all the time but not in this manor.

I have a page where when a variable is passed I want to include a file. I have used the file.php?id=XX alot for grabing information from a DB. However now I want to include the $value.

In this case it is an html page that I want to include. When I first did this I did not use a DB but rather a crude work around. Like this

Code: Select all

<?php
if ($articles==4) { include("html/files/aboutus.html"); }
?>
I want to be able to always build this page dynamically and generate my html files on the fly.

When I include the file I get nothing.

Code: Select all

<?php

include("html/files/$article_name");

?>
oldtimer
Forum Contributor
Posts: 204
Joined: Sun Nov 03, 2002 8:21 pm
Location: Washington State

Post by oldtimer »

Never mind. My error. I was looking for

Code: Select all

<?php

$sqlquery = "SELECT * From articles where aid='".$aid."'";

?>
instead of

Code: Select all

<?php

$sqlquery = "SELECT * From articles where aid='".$articles."'";


?>
When my link was

Code: Select all

&lt;a href="articles2.php?articles=&lt;? echo $aid; ?&gt;"&gt;&lt;? echo $test; ?&gt;&lt;/a&gt;
ReDucTor
Forum Commoner
Posts: 90
Joined: Thu Aug 15, 2002 6:13 am

Post by ReDucTor »

besure when including like that do security checks for .. and /

<a href="articles2.php?articles=<?=$aid?>"><?=$test?></a>

Looks neater :D
oldtimer
Forum Contributor
Posts: 204
Joined: Sun Nov 03, 2002 8:21 pm
Location: Washington State

Post by oldtimer »

If accept articles I will do that. But for now I enter them all in and I only have to put the file name in there. No one else has access to this part but me. Thanks for the warning though. My next revision I will have to do that.
User avatar
lazy_yogi
Forum Contributor
Posts: 243
Joined: Fri Jan 24, 2003 3:27 am

Post by lazy_yogi »

umm .. how exactly does the = work there
with <? =$var ?>

is it just another way to say echo ?
ReDucTor
Forum Commoner
Posts: 90
Joined: Thu Aug 15, 2002 6:13 am

Post by ReDucTor »

yes
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

if short_open_tag is enabled (only to keep it in mind ;) )
McGruff
DevNet Master
Posts: 2893
Joined: Thu Jan 30, 2003 8:26 pm
Location: Glasgow, Scotland

Post by McGruff »

ReDucTor wrote:besure when including like that do security checks for .. and /

<a href="articles2.php?articles=<?=$aid?>"><?=$test?></a>

Looks neater :D

Do you mean you must always check for ".."and "/" in the include path string?
User avatar
Stoker
Forum Regular
Posts: 782
Joined: Thu Jan 23, 2003 9:45 pm
Location: SWNY
Contact:

Post by Stoker »

if using request-data (post/get/cookie/session) in any file or shell operation you must always check that there can be no manipulation of path, in general I would say that it is a lot smarter to allow what you expect instead of dissalow what you dont want, that way you are safe if there is something you didn't think about.. In some cases tho, it may be required to accept a single dot but not a double..
Post Reply