Ok in this tutorial, I will teach you how to create a secure PHP navigation through including files.
Basically another way to use stuff like: ?page=this, etc..
Ok first off I'll just post the entire code:
<?php
$allowed_pages = array(
'about',
'members',
'admincp',
'forum'
);
if(!$_GET['page'] || !in_array($_GET['page'],$allowed_pages)){
$page = "home";
}else{
$page = $_GET['page'];
}
if($page == "home"){
echo "Welcome to the main page!";
}else{
require($page.".php");
}
?>
Ok now to break it down:
<?php
$allowed_pages = array(
'about',
'members',
'admincp',
'forum'
);
This assigns the variable $allowed_pages an array(or list) with all the pages you wish for the users allowed to view.
if(!$_GET['page'] || !in_array($_GET['page'],$allowed_pages)){
$page = "home";
}else{
$page = $_GET['page'];
}
This will check if the current page the user is trying to view: ?page=BLAH is in the list we made earlier, if it isn't, then the variable $page will be set as 'home' (to send the user to the home page), otherwise it will set the $page variable as ?page='THIS'
if($page == "home"){
echo "Welcome to the main page!";
}else{
require($page.".php");
}
?>
This will be the content part of your site, it will first check if the $page variable we assigned earlier is set to 'home', if it is, then it will just print out 'Welcome to the main page'(you can always change that to something else or another block of code). If the $page variable isn't set to 'home', then it will simply require the file from the server into that page(which will display all the file contents onto the page).
Pretty cruddy tutorial, but it might help somebody out :)
Any questions / comments then please reply. :D