ONJava.com -- The Independent Source for Enterprise Java
oreilly.comSafari Books Online.Conferences.


AddThis Social Bookmark Button
  Ten Security Checks for PHP, Part 1
Subject:   get/post
Date:   2004-11-17 03:56:54
From:   Lancelotti
Response to: get/post

Cant you use this to security of your incluedes.

$page = "path_to_file/$_GET[page].php";
// put de get variable in string, and indicated de directory where your subpages are

if (!file_exists($page)) {
$page = "index.php";
// if file not exists use the index.php

// include de file

Note. Include all your subpages in path_to_file and your extension may be .php

1 to 1 of 1
  1. get/post
    2004-11-17 15:05:41  Clancy Malcolm | O'Reilly Author [View]

1 to 1 of 1