I have: <?php $goto = $_GET[‘goto’]; ?> and: <form method=get><input type=text name=goto id=goTo /></form>

Question

0

Asked: May 23, 20262026-05-23T00:07:21+00:00 2026-05-23T00:07:21+00:00

I have: <?php $goto = $_GET[‘goto’]; ?> and: <form method=get><input type=text name=goto id=goTo /></form>

0

I have:

<?php
$goto = $_GET['goto'];
?>

and:

<form method="get"><input type="text" name="goto" id="goTo" /></form>
<iframe id="page" src="http://<?php echo $goto; ?>"></iframe>

If I go to my page, nothing displays unless I end the URL with ?goto=<webadress>.

Example: http://example.com/windows8/apps/Flake/index.php?goto=http://google.com

How can I make it so that if the user didn’t type in ?goto=http://google.com, the page displays like a backup website?

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-05-23T00:07:22+00:00

If you want to provide a default value for $goto, do it like this:

<?php
$goto = !empty($_GET['goto']) ? $_GET['goto'] : 'http://www.google.com'; // default here
?>

However, you should be aware that by doing this, you allow everyone to construct URLs that point to your server but output to the browser HTML (and more importantly, scripts) that is not under your control (it comes from whatever URL goto points to). This would make it trivially easy for someone to attack your users.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

I have: <?php $goto = $_GET[‘goto’]; ?> and: <form method=get><input type=text name=goto id=goTo /></form>

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply