0

I have:

<?php
$goto = $_GET['goto'];
?>

and:

<form method="get"><input type="text" name="goto" id="goTo" /></form>
<iframe id="page" src="http://<?php echo $goto; ?>"></iframe>

If I go to my page, nothing displays unless I end the URL with ?goto=<webadress>.

Example: http://example.com/windows8/apps/Flake/index.php?goto=http://google.com

How can I make it so that if the user didn't type in ?goto=http://google.com, the page displays like a backup website?

Improve this question
1
  • In addition to Jon's answer, you need to add a submit button to your form Commented Jun 10, 2011 at 15:57

2 Answers 2

Reset to default
5

If you want to provide a default value for $goto, do it like this:

<?php
$goto = !empty($_GET['goto']) ? $_GET['goto'] : 'http://www.google.com'; // default here
?>

However, you should be aware that by doing this, you allow everyone to construct URLs that point to your server but output to the browser HTML (and more importantly, scripts) that is not under your control (it comes from whatever URL goto points to). This would make it trivially easy for someone to attack your users.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Yeah, I just love this. Answers to stupid questions get most upvotes. We have a problem here, StackExchange!
Thank. But I solved it another way! :P I'm making a "web-browser" for my Windows 8 Mimic :) enji.se/windows8 But thnx anyways! :)
2 


$goto = isset($_GET['goto']) ? $_GET['goto'] : "backup page";

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.