I’m having a little problem. I want to securely include files based on the $_GET Parameter from a subdirectory + handle if the parameter is not valid.
<?phpif(isset($_GET['p']) && $_GET['p'] == 'fahrzeuge'){ include 'includes/cars.php'; } if(isset($_GET['p']) && $_GET['p'] == 'impressum'){ include 'includes/impressum.php'; } if(isset($_GET['p']) && $_GET['p'] == 'home'){ include 'includes/home.php'; } if(isset($_GET['p']) && $_GET['p'] == 'anfahrt'){ include 'includes/anfahrt.php'; } if(isset($_GET['p']) && $_GET['p'] == 'about'){ include 'includes/about.php'; }?>This is my Code. Sorry I know it is a noob way of solving this. How can I improve it? Any Suggestions/Help would be highly appreciated
Advertisement
Answer
I would use a ternary to set a variable that tells the page what to include.
This is very similar to Ofir Baruch‘s answer, except much shorter.
$pages = array('about','contact','home');$p = isset($_GET['p']) && in_array($_GET['p'], $pages)? $_GET['p'] : 'home';include "includes/{$p}.php";Basically, you have an array of pages that are possible. In the ternary, we check if $_GET['p'] is set (isset()), AND we check if the value it contains is in the array. If it is, we use $_GET['p'] as $p, if it is not, we set $p to home, this means that home will always be the default if $_GET['p'] is not set, or not a valid page as per the array.