2

I have an index.php file in the top level with other files such as "login.php", "register.php" in a folder called includes. The folder hierarchy looks like this:

index.php
includes/
    register.php
    login.php
css/
    style.css
images/
    image.png

How can I set the url to something like http://www.mydomain.com/register which then from within the index.php page calls (includes) the register.php page?

Is this the best way to go about it?

Thanks

Mike

Improve this question

5 Answers 5

Reset to default
2

Well, so long as the URL stub (i.e. /register) is always going to be the same as the file name you want to include, you could do this using Apache's mod_rewrite.

However, if you want to change the URL stub to something other than the filename you want to include, why not do this:

// Get the URL stub:
$url_stub = $_SERVER['REQUEST_URI'];
define('INCLUDE_PATH', 'includes/');

switch($url_stub)
{
    case 'register':
        include(INCLUDE_PATH . 'register.php');
        break;
    case 'login':
        include(INCLUDE_PATH . 'login.php');
        break;
    default:
        // Output whatever the standard Index file would be here!
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

If your server is Apache: Create on root folder file ".htaccess"

#.htaccess    
RewriteEngine On
Options +FollowSymlinks
RewriteRule /register index.php?mode=register

//index.php

<?php
if(isset($_GET['mode']=='register')){
      include('includes/register.php');
} 
?>
Improve this answer

14 Comments

I get "500 Internal Server Error" I must be doing something wrong?
remove Options +FollowSymLinks
It now just says "404 Not Found"
Root folder has: index.php, .htaccess, includes,css, images?
Root folder has index.php, .htaccess and the folder includes. Within includes are the folders css, images, and the files register.php, login.php etc
|
0

using mod_rewrite:

RewriteRule ^register index.php?page=register
RewriteRule ^login index.php?page=login

index.php:

<?php
  include('includes/'.$_GET['pagename'].'.php');
?>

EDIT: For security reasons, see also arnouds comment below.

Improve this answer

3 Comments

I see local file execution vulnerabilities (include('includes/'.$_GET['pagename'].'.php');...). What happens if I do index.php?page=../../../etc/passwd%00 ?
@arnaud576875: most probably, the user which started the server will not have read access for this file :-) But you are right, you should of course check the $_GET first...
/etc/passwd is usually world-readable, but that was only and example. This gives anyone the possibility to execute php scripts too.
0

You can use apache rewrite rules to do that: (place this in a .htaccess file in the same directoyr than index.php)

RewriteEngine On
RewriteRule ^/register$ index.php?page=register

And in index.php:

$pages = scandir('includes');
if (isset($_GET['page'])) {
    $page = $_GET['page'] . '.php';
    if (in_array($page, $pages)) {
        include $page;
    }
}
Improve this answer

1 Comment

This method come up with a blank page! Any clues as to what I may be doing wrong?
-1

You can write a .htaccess file with something like this:

RewriteEngine On
RewriteRule ^([a-z]+)/?$ /index.php?include=$1 [PT,QSA]

and the index.php file with:

include('includes/'.$_GET['include'].'.php');

Of course you can adapt this code to what you need.

Improve this answer

7 Comments

I see local file execution vulnerabilities (include('includes/'.$_GET['pagename'].'.php');...). What happens if I do index.php?page=../../../etc/passwd%00 ?
$include = htmlspecialchars(strip_tags($_GET['include']),ENT_QUOTES,"utf-8"); would correct that vulnerability.
This has nothing do do with html. How stripping HTML tags avoids me from doing include=../../etc/passwd ?
Btw, the file is passwd, not passwd.php
try with ../../etc/passwd%00 ;)
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.