What are the best practices for including content in a PHP page based on URL variables?

When including content in a PHP page based on URL variables, it is important to sanitize and validate the input to prevent security vulnerabilities such as SQL injection or cross-site scripting attacks. One way to achieve this is by using PHP's filter_input function to retrieve and sanitize the URL variables before using them in your code.

// Sanitize and validate the input URL variable
$page = filter_input(INPUT_GET, &#039;page&#039;, FILTER_SANITIZE_STRING);

// Include content based on the sanitized URL variable
if ($page == &#039;about&#039;) {
    include &#039;about.php&#039;;
} elseif ($page == &#039;contact&#039;) {
    include &#039;contact.php&#039;;
} else {
    include &#039;home.php&#039;;
}

Keywords

GET variables URL parameters conditional statements include function data validation

What are the best practices for including content in a PHP page based on URL variables?

Keywords

Related Questions