Re: Fwd: Parsing and using URL variables

looks like you're having fun ... but before you go building & using
something that is going to cause you major security headaches go to this
site and read, read, read:

	http://phpsec.org/

and remember NEVER TRUST USER INPUT (or data from *any* outside source); currently
your example will probably allow me to read your passwd file (I doubt
that that was your intention) ...

www.mywebsite.com?ph=U%20HAVE%20BEEN%20OWNED&pt=<script>somemeallyourcookies();</script>&cf=/etc/passwd



andrew newman wrote:
> ---------- Forwarded message ----------
> From: andrew newman <andjnewman@xxxxxxxxx>
> Date: Oct 20, 2006 2:30 PM
> Subject: Parsing and using URL variables
> To: php-general-digest@xxxxxxxxxxxxx
> 
> 
> Hello
> 
> I am very new to PHP and I am trying to parse the values of variables
> from a URL into a web page, to build a very simple CMS!
> 
> For example if the url is
> 
> www.mywebsite.com?ph=My Website&pt=Welcome Page&cf=home.htm
> 
> I then have a php file that is something like this:
> 
> <html>
> <head>
> <title>
> <?php $val = $_GET['ph']; echo $val;?>
> </title>
> </head>
> <body>
> <b><?php $val = $_GET['pt']; echo $val;?></b>
> <p/>
> <?php $val = $_GET['cf'];  include $val; ?>
> </body>
> </html>
> 
> Any advice would be most welcome!
> 
> Thanks Andrew
> 

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
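
A hardened version of the page from the quoted message, as an added example that is not part of the original thread: `ph` and `pt` are HTML-escaped before output, and `cf` is only ever used as a key into a fixed allowlist. The `pages/` directory, the `about.htm` entry and the helper names `param`, `h` and `contentPath` are assumptions made for illustration.

```php
<?php
// Added example (not from the original thread): the same page with every
// URL parameter treated as untrusted input.

// 'home.htm' comes from the question; 'about.htm' and the pages/ directory
// are assumptions for illustration.
const CONTENT_DIR = __DIR__ . '/pages';
const CONTENT_FILES = ['home.htm' => 'home.htm', 'about.htm' => 'about.htm'];

// Read a query parameter as a length-limited string. Missing values and
// array input (?ph[]=x) fall back to the default.
function param(string $name, string $default, int $maxLen = 100): string
{
    $value = $_GET[$name] ?? $default;
    return is_string($value) ? substr($value, 0, $maxLen) : $default;
}

// Escape for an HTML text context so markup in ph/pt is shown as plain text.
function h(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Resolve cf by exact allowlist lookup. The path is built from the allowlist
// value, never from the request, so /etc/passwd or ../ cannot reach the disk.
function contentPath(string $requested): ?string
{
    if (!array_key_exists($requested, CONTENT_FILES)) {
        return null;
    }
    $path = CONTENT_DIR . '/' . CONTENT_FILES[$requested];
    return is_file($path) ? $path : null;
}

$path = contentPath(param('cf', 'home.htm'));
if ($path === null) {
    http_response_code(404);
}
?>
<html>
<head><title><?= h(param('ph', 'My Website')) ?></title></head>
<body>
<b><?= h(param('pt', 'Welcome Page')) ?></b>
<p/>
<?php if ($path !== null) { readfile($path); } else { echo 'Page not found'; } ?>
</body>
</html>
```

`readfile()` is used instead of `include` so the content fragment is sent as static HTML and never executed as PHP.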

