if statement and $_GET

Question

I am passing a variable using GET, and I'd like a fallback if there's nothing there. I've been using

$page = $_get;
if $page = ""
 {
  include 'home.php';
 }
else
 {
  include $page;
 }

But it just breaks my page. Any ideas?

I think you'd want to use if($_GET['varName']){...} – Phil Dec 02 '13 at 23:24 — Phil, Dec 02 '13 at 23:24
it's not `$_get` it's `$_GET` – gwillie Dec 02 '13 at 23:24 — gwillie, Dec 02 '13 at 23:24

nl-x · Answer 1 · 2020-06-10T09:00:38.933

First, $_GET is in capitals.

Second, you need to say which value_name you want. $_GET['value_name']

Third, you need to check if the value_name has been set. if(isset($_GET['value_name']))

Fourth, and most important: NEVER DO THIS ! Never include files based on what is given in the url or otherwise user input. You will be hacked ! Rather you match the given value to an array of allowed file names or use a switch.

score 0 · Accepted Answer · answered Dec 02 '13 at 23:23

0

Probably just missing the parens on the if statement. Also, you'll need to specify the GET param.

$page = $_GET['param'];

if ($page == "") {
    include 'home.php';
} else {
    include $page;
}

answered Dec 02 '13 at 23:23

brian

2,745
2
17
33

You should probably check to see if `$_GET['param']` is set before assigning it to `$page` – Kermit Dec 02 '13 at 23:25
His question was about a fall back. It's either the "nothing there" or everything else. Set or not is irrelevant. I hope you weren't the down vote. – brian Dec 02 '13 at 23:26
You're a star, thank you so much. I know it's just something silly, but I'm learning this with little-no-time before the work is due. Thanks. – user3059305 Dec 02 '13 at 23:29
It would be wise to review some of the other answers, too. I simply answered your question, but, there are serious other concerns with that snippet of code, namely: Security and the functionality that you probably wanted but didn't articulate. Also, thanks to the down voter! I appreciate that! – brian Dec 02 '13 at 23:30

score 0 · Answer 3 · edited May 23 '17 at 12:28

First of all, $_GET is an associative array. So you should check against something, or not empty.

On the other hand, here $page = "" you're assigning; if you want to compare, you need to use == or ===. Also, you could use functions like isset, or empty, that will return you a bool if there is an element or not in the variable.

So, what you need is something like this

include !empty($_GET['param'])?$_GET['param']:'home.php'

? is a ternary operator, is a resumed if-else

As last aclaration, you should never include directly variables you receive from $_GET, and $_POST. This will put risk on your system. example on Stack Overflow

score 0 · Answer 4 · answered Dec 02 '13 at 23:30

0

Also, use isset() to check if you have an input...

But yes what you want to do is a little bit dangerous in term of security... !

answered Dec 02 '13 at 23:30

zeflex

1,487
1
14
29

if statement and $_GET

4 Answers4