it sound like you've heard about include();
whilst this is a very useful function, it can lead to easy exposure of code and remote code execution.
if you want to use the include(); method to open pages, you should use something like the following:
Code:
if (ereg("[a-z]+(\[a-z]+)", $whatever) && !ereg("[.].[.]*",$whatever)) {
include($whatever.".php");
} else {
echo "Sorry, that is not a valid file name.";
}
whilst this is still not totaly secure, it would be better than nothing.
FYI: this method is used so you don't have only have to worry about sorting out the menu, and header and footer on one page, and just include the main content for each other page. But there is nothing wrong with linking to links.php or any other page... but you are creating more work for yourself.
ps, the in my experience, the include(); method is easier for creating themes.
Enter your message below
Sign in or Join us (it's free).