If I have this index:
if (isset($_GET['se'])) {
$se= $_GET['se'];
if (file_exists("{$se}.php")){
require("{$se}.php");
}
else {
require("page_error.php");
}
}
else {
require("page_error.php");
}
A link like the following doesn't work:
$pwrurl = "http://example.com/login/?se=change_password?usermail=".$email."&usercode=".$linkHash;
Only something like: http://example.com/login/?se=change_password will be accepted.
Can this be solved?
Beware!
Letting the user decide which file to include without any validation will introduce a vulnerability to your server. They could point your script to any sensitive file.
You should limit the possibilities of what can be included, like this:
$allowed_files = array(
"page_error",
"some_section",
"some_other_section",
"change_password"
);
$se = empty($_GET['se']) ? "page_error" : $_GET['se'] ; // "page_error" by default.
if (in_array($se, $allowed_files)){
require("{$se}.php");
} else {
require("page_error.php");
}
This way they can only read the files you put in the array.
Edit: Also, just like everyone else said, you should separate different param=argument pairs in the URL with & instead of ?. The ? is used to separate the page name from the argument list.
http://example.com/login/?se=change_password&usermail=...
You have two ? in the URL. Multiple parameters have to be separated with &.
Your use of require is very dangerous. Read up on security. Validate any parameter before passing it to such a dangerous function, or your site will be hacked in no time.
The link is wrong, it should be '&' instead of '?' after change_password.
$pwrurl = "http://example.com/login/?se=change_password&usermail=".$email."&usercode=".$linkHash;
&as separator. You have two?which is incorrect.