Hi all, i have a file which inside it there is an include statement, like this <?PHP $levCat=htmlspecialchars($_GET[levCat]); include $levCat . "Last.php"; ?> PHP: which is the value taken from this link: main.php?id=$memId&levCat=$levCatId Let say the target files that can be included are: memberLast.php newsLast.php downloadLast.php so, the possible values are $levCatId="member" or $levCatId="news" or $levCatId="download" My problem appear, if someone try to insert $levCatId with extraneous value, maybe like 'xxx' or something like that. so after executed there is an error message like this: Warning: Failed opening 'xxxLast.php' for inclusion (include_path='.;c:\apache\php\pear') in c:\apache\htdocs\sample\isi\conMain.php on line 110 The result that i want to get is, if some one try to insert some extranous value to $levCatId, so after execution there is no error message appear & they will be redirected to a white blank page just like this one. I hope someone could help me please, to solve my problem Thanks
I believe if you turn ERROR_REPORTING to "ERROR_REPORTING = E_NONE" in the php.ini it will turn off all warnings and etc like what you're talking about. You can also do it in your script rather than the php.ini file but I don't remember the code off the top of my head
It seem impossible for me to set all the error message off from php.ini because any reasons. Is there a way to do if a specified file not found (like xxxFast.php), so page will be redirected to another file, let say blank.php. ???
I'm not sure if their's a way to do it for a range of pages not found but you could always just use a custom error page to redirect it so when there's a 404 error (page not found) you can redirect them to "blank.php" You could use custom error pages or just use .htaccess
But Mr jmyer123, please check this link http://www.amec-berca.co.id/index.php?page=services if you change services with XXX, the page will be white blank and no error reported. have idea about this?
You could check first whether the file to include exists. If so, then include, else redirect to an error page.
$allowed_pages = array('page1','1page2','page3'); $page = strtolower($_GET['page']); if(!in_array($page,$allowed_pages)){ if($page == NULL){$page = 'page1';}else{$page = 'blank';} } include($page1.'.php'); PHP: Link will be something like: index.php?page=pagename You can change it to suite your needs. Peace,
<?PHP $levCat=htmlspecialchars($_GET[levCat]); if(is_file($levCat)) include $levCat . "Last.php"; else header("Location: yourblankpage.php"); ?>
i like the code of azizny , but something could be better there. $allowed_pages = array('page1','1page2','page3'); $page = (isset($_GET['page']) && in_array(strtolower($_GET['page']),$allowed_pages) ) ? strtolower($_GET['page']) : 'page1'; include($page.'.php');