• Howdy! Welcome to our community of more than 130.000 members devoted to web hosting. This is a great place to get special offers from web hosts and post your own requests or ads. To start posting sign up here. Cheers! /Peo, FreeWebSpace.net

index.php?page=main

FeediaCo

Active Member
Hello FWS I had a site way back called raversworld and I was taught something in php. Here is what i had in my public_html folder:

index.php
/include
/include/main.php
/include/tos.php

Index.php had the full layout of the site just a blank body for where the text was supposed to go
my question is that the only thing in main.php and tos.php was echo ("this is the text");
but when you clicked on a link you are being brought to index.php?page=main and the text was inserted in the <body> portion of the .php file. I did this about 4 years ago and cant remember how to do it again. all i remember is something along the lines of this
PHP:
//THIS IS INDEX.PHP
<?php
$page==$page
echo ("
<html>
<body>
");
echo $page
echo ("
more site layout
</body>
</html>
PHP:
//THIS IS MAIN.PHP OR TOS.PHP
<?php
echo ("text will be inserted into the body of the site");
?>
I know its a form of SSI but please bear with me and I hope someone can help
 
Last edited:

TehGuy

Active Member
Maybe you're thinking of include() and require()? include(filename.ext) "echoes" the contents of the file. Require does the same thing, but also stops the script if it fails.

You could make your index.php something like:

PHP:
<html>
<head></head>
<body>
//Site layout stuff
<?php
if ((isset($_GET["page"])) && file_exists($_GET["page"])){ 
    include($_GET["page"]);
}
else{
    include("yourdefaultpage.whatever");
}
?>
//Some more site layout stuff
</body>
</html>
Then your links would look like:
<a href="index.php?page=include/main.php">Main</a>

main.php and tos.php don't even have to be PHP files if you don't need them to be. For example, main.php could be main.html or main.text or any number of things, and it could contain just:

HTML:
This is the main page<br />
It doesn't need html or body tags since it's being included in something
that already has the tags, and it only needs php tags
if PHP code is included.
Keep in mind this is open to injection attacks! Someone could edit their address bar to include something else, like if you had a "secretfolder/passwords.txt" that wasn't world readable. So you've gotta check user input (AKA - $_GET["page"]) to make sure someone isn't trying something funny. You could always check to make sure the string they provide starts with "include/" (presumably the only folder you want your included files to come from) by adding in:

PHP:
&& (substr_compare($_GET["page"], "include/", 0, 7) == 0)
after the file_exists() part.
 
Last edited:

TehGuy

Active Member
I was studying some AJAX stuff today since I'm terrible at it, and came up with another way to do it (not necessarily any better, just another way to do it):

HTML:
<html>
<head>
     <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
</head>
<body>
//Site layout stuff
<div id="menu">
     <a href="main.php">Main</a><br />
     <a href="tos.php">Terms of Service</a>
</div>
<div id="content"></div>
//Some more site layout stuff
</body>
</html>

<script type="text/javascript">
$("#menu a").click(function(event){
      event.preventDefault(); //Prevents clicking a menu link from trying to reload the whole page
      var page = $(this).attr("href")
      $("#content").load(page); //Loads page in object with ID "content" when you click a menu link
});
</script>
I just tested it and it works, so hooray. You'd just need to design a site with an object with id=content and an object with id=menu, plop in the javascript (and the JQuery thing in the header!), and you'd be set. As far as security goes, .load() only allows local files to be used, so there's no worry of people trying to inject their own files in there. You could check "var page" to make sure it starts with "include/" if you want.

So the PHP version's pros and cons:

Pros: will work for everyone who tries to view the page since PHP is server-side, you say you've had experience with it before, pretty easy to sanitize user input
Cons: a little easier for people to try to include their own files

and the JQuery method:

Pros: already good to go just add the layout you want, links are a little shorter than the PHP version, harder for people to include their own files, saves a little on bandwidth since it uses AJAX to reload ONLY the content part of the page
Cons: User needs Javascript support in their browser (95%+ of people have it as of 2008, luckily; I think current estimates are closer to 97-98%)
 
Last edited:

FeediaCo

Active Member
I was studying some AJAX stuff today since I'm terrible at it, and came up with another way to do it (not necessarily any better, just another way to do it):

HTML:
<html>
<head>
     <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js"></script>
</head>
<body>
//Site layout stuff
<div id="menu">
     <a href="main.php">Main</a><br />
     <a href="tos.php">Terms of Service</a>
</div>
<div id="content"></div>
//Some more site layout stuff
</body>
</html>

<script type="text/javascript">
$("#menu a").click(function(event){
      event.preventDefault(); //Prevents clicking a menu link from trying to reload the whole page
      var page = $(this).attr("href")
      $("#content").load(page); //Loads page in object with ID "content" when you click a menu link
});
</script>
I just tested it and it works, so hooray. You'd just need to design a site with an object with id=content and an object with id=menu, plop in the javascript (and the JQuery thing in the header!), and you'd be set. As far as security goes, .load() only allows local files to be used, so there's no worry of people trying to inject their own files in there. You could check "var page" to make sure it starts with "include/" if you want.

So the PHP version's pros and cons:

Pros: will work for everyone who tries to view the page since PHP is server-side, you say you've had experience with it before, pretty easy to sanitize user input
Cons: a little easier for people to try to include their own files

and the JQuery method:

Pros: already good to go just add the layout you want, links are a little shorter than the PHP version, harder for people to include their own files, saves a little on bandwidth since it uses AJAX to reload ONLY the content part of the page
Cons: User needs Javascript support in their browser (95%+ of people have it as of 2008, luckily; I think current estimates are closer to 97-98%)
yeah definitley this looks a lot more understandable im gonna try this out thanks :)
 
Top