Are there any best practices to follow when using the include function in PHP for page navigation?

When using the include function in PHP for page navigation, it is important to sanitize user input to prevent any potential security vulnerabilities such as directory traversal attacks. One best practice is to use absolute paths instead of relative paths when including files to ensure that the correct file is included regardless of the current working directory.

&lt;?php
// Sanitize user input for page navigation
$page = isset($_GET[&#039;page&#039;]) ? $_GET[&#039;page&#039;] : &#039;home&#039;;

// Define allowed pages
$allowed_pages = [&#039;home&#039;, &#039;about&#039;, &#039;contact&#039;];

// Check if the requested page is allowed
if (in_array($page, $allowed_pages)) {
    // Include the requested page
    include &quot;pages/$page.php&quot;;
} else {
    // Include a default error page
    include &quot;pages/error.php&quot;;
}
?&gt;

Keywords

include function PHP page navigation code organization file inclusion

Are there any best practices to follow when using the include function in PHP for page navigation?

Keywords

Related Questions