How to create php navigation(page.php?go=whatever)

1. First, check if you web hoster offers php support (most people would anyway).
2. Now create a new file called index.php (if you already have a file called index, rename it to index2.php)
3. Now enter <?php
4. on a newline enter: switch ($go) {
5. enter: case "(whatever you like)":
6. enter: require ('(whatever your file is called.php/htm/html)');
7. now enter: break
8. Repeat the last couple of steps until you are finished.
9. Now you need to set the default value(if people type ?go=something-you-didnt-set-as-a-value)
10. now finally enter: default:
11. then enter: require ('index2.php/htm/html');}?>

So the final code would look like:

Well to enhance the usability Why are u including different files every time.
Rather just call a function you have written for every page.

Wouldnt that be Easy ?

Hi all

Use this code , its easy and fast for "n" page
at first make page.php with notepad and then save this code at page.php :



its very easy for example if you have index.php
at url you must use this address :

page.php?go=index

after you go at ( page.php?go=index ) your code at page.php read all index.php code and load at screen
its very east
at end you can make check file at page.php for 404 err or .... by check the file
thanks all

I need help with a page of mine. I use WML and PHP together since I only make WAP sites (sites for mobile devices) and I can't get this one page right. Here is an example:

Any help would be appreciated.

This post has been edited by juice: Sep 25 2006, 12:35 AM

using this type of php programming to load a page is kind of dangerous because you can potentially link to outside sites simply by entering it in the url. if you do your site this way you have to make it more secure. If you don't someone can put a php file on their own server and run it. And running that php could mean running shell commands or something else to hack your site or the server.

Well you couuld use a little security stuff.
Like if you know the value of the $_GET['act'] is a Number you could use the is_numeric function that checks whether the $_GET['act'] is a number or no.This is because all the GET and POST VARS are treated as only strings and not numbers , integers or float values.

You could also use the trim() function to trim white spaces in the value of the GET VAR or ARRAY Value.
Also importantly use htmlentities() function of PHP to convert characters that could confuse either PHP or MySQL in case you are using it.
If you dont do this then someone could make a MySQL injection attack or could confuse PHP to give you E_ERROR and then your script fails.

Hence one must ensure safety in such a way.
Hope this information was useful to you guys.

Never, ever, ever, ever do this. Ever! Anyone with even the most basic of PHP knowledge could use this to break into your site and/or reveal sensitive information. Combined with the so-called null poison byte, files which would otherwise be protected such as .htpasswd could easily be revealed (file.php?gi=protected_directory/.htpasswd%00), or files executed that you don't want to be executed. You absolutely must always sanitize user input, no matter what it is or how insignificant or unabusable you think it may be - everything from GET values to a cookie's content and other header information has to be checked before being used.

@cwalden

You make a very clear explanation of what to do which is good, what you don't do is say why this method is better than just making totally separate pages?

So please could you/someone say, I would be interested in knowing.

Yacoby, using the php query string is only one way to manage a php based site. Typically, there is only one "page" and the "content" for the page is altered based on the value of the query string.

Using this method to simply accept the value as input by the user, as Spectre points out, can be very dangerous. Imagine if they inserted the name of a file which contains all of your database passwords and usernames? Maybe even your cpanel name and password, etc... not that you would keep that information inside your account files, right?

Click on the link in my siggy to review a template (not the zip file) which I have used a similar, but "more secure" method. What I do in my Template is check the query string value (what comes after the question mark) and evaluate it against the contents of an array which includes a list of the 'acceptable values'. If the query string is in the array, the page is displayed, otherwise, the index page is viewed.