使用 Url 查询来定义页面
Using Url Query's to define page
我要访问的网页是
https://example.com/portal/projects.php?action=projectdetails&id=18
我有一个名为 projects.php 的文件,它查找变量并包含正确的页面(projectsm projectdetails、projectedit...)但我不知道如何让脚本检测是否有页面定义 (?action=projectdetails) &id 变量告诉服务器要在数据库上查询什么 id 以检索信息。
这是我当前的代码(不起作用)
<?php
session_start();
ob_start();
$currentPage = 'usrprojects';
require ('assets/config.inc.php');
if (isset($_SESSION['logged_in']) != true) {
header("location: login.php");
}
else {
if (isset($_GET['action'])){
if( isset($_GET['projectdetails']) && $_GET['projectdetails'] == "")
{
echo "asd";
}
}
else {
require 'includes/pages/projects.php';
}
}
?>
我认为上面的内容更有可能是这样的,因为您正在尝试查找 GET 变量是否等于 projectdetails 而不是查找名称为 projectdetails[=14 的 GET 变量=]
session_start();
ob_start();
$currentPage = 'usrprojects';
require ('assets/config.inc.php');
if ( isset( $_SESSION['logged_in'] ) != true ) {
header( 'location: login.php' );
} else {
if ( isset( $_GET['action'] ) ){
if( $_GET['action'] == 'projectdetails' ) require 'includes/pages/projects.php';
else echo 'asd';
}
}
但是,正如我在评论中提到的,您可能想要使用白名单的想法 - 粗略的想法如下:
session_start();
ob_start();
if( empty( $_SESSION['logged_in'] ) ){
exit( header( 'location: login.php' ) );
}
$whitelist=array(
'projects' => array('script'=>'includes/pages/projects.php','level'=>3),
'admin' => array('script'=>'includes/pages/admin.php','level'=>1),
'other' => array('script'=>'includes/pages/other.php','level'=>5)
);
$currentPage = 'usrprojects';
require ('assets/config.inc.php');
if( !empty( $_GET['action'] ) && array_key_exists( $_GET['action'], $whitelist ) ){
$action = $whitelist[ $_GET['action'] ]['script'];
$level = $whitelist[ $_GET['action'] ]['level'];
if( file_exists( $action ) && $_SESSION['level'] <= $level ) require $action;
}
我要访问的网页是 https://example.com/portal/projects.php?action=projectdetails&id=18
我有一个名为 projects.php 的文件,它查找变量并包含正确的页面(projectsm projectdetails、projectedit...)但我不知道如何让脚本检测是否有页面定义 (?action=projectdetails) &id 变量告诉服务器要在数据库上查询什么 id 以检索信息。
这是我当前的代码(不起作用)
<?php
session_start();
ob_start();
$currentPage = 'usrprojects';
require ('assets/config.inc.php');
if (isset($_SESSION['logged_in']) != true) {
header("location: login.php");
}
else {
if (isset($_GET['action'])){
if( isset($_GET['projectdetails']) && $_GET['projectdetails'] == "")
{
echo "asd";
}
}
else {
require 'includes/pages/projects.php';
}
}
?>
我认为上面的内容更有可能是这样的,因为您正在尝试查找 GET 变量是否等于 projectdetails 而不是查找名称为 projectdetails[=14 的 GET 变量=]
session_start();
ob_start();
$currentPage = 'usrprojects';
require ('assets/config.inc.php');
if ( isset( $_SESSION['logged_in'] ) != true ) {
header( 'location: login.php' );
} else {
if ( isset( $_GET['action'] ) ){
if( $_GET['action'] == 'projectdetails' ) require 'includes/pages/projects.php';
else echo 'asd';
}
}
但是,正如我在评论中提到的,您可能想要使用白名单的想法 - 粗略的想法如下:
session_start();
ob_start();
if( empty( $_SESSION['logged_in'] ) ){
exit( header( 'location: login.php' ) );
}
$whitelist=array(
'projects' => array('script'=>'includes/pages/projects.php','level'=>3),
'admin' => array('script'=>'includes/pages/admin.php','level'=>1),
'other' => array('script'=>'includes/pages/other.php','level'=>5)
);
$currentPage = 'usrprojects';
require ('assets/config.inc.php');
if( !empty( $_GET['action'] ) && array_key_exists( $_GET['action'], $whitelist ) ){
$action = $whitelist[ $_GET['action'] ]['script'];
$level = $whitelist[ $_GET['action'] ]['level'];
if( file_exists( $action ) && $_SESSION['level'] <= $level ) require $action;
}