Home/ Questions/Q 8080253
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-05T16:21:32+00:00

I saw some websites that (for example): if you want to view your message

  • 0

I saw some websites that (for example):
if you want to view your message box, then it is: example.com/file.php?action=pm and also if you want to send a message again the address and the file is the same, but the $_GET is different : example.com/file.php?action=sendpm

How does it work?

Is it just:

if ($_GET['action'] == "pm")
{
    //lots of html code(divs, forms, etc) paste here for action=pm.
}
else
{
    //lots of html code paste here for action=send
}

instead of having files : pm.php, send.php … ?Or the mechanism is different?

I saw that SMF use this mechanism and also I saw something like this for facebook.com/?ref=something.

How does it work?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The easiest way is this:

    $action = isset($_GET['action']) ? $_GET['action'] : 'default';
if(!in_array($action, array('list', 'of', 'allowed', 'pages')))
    $action = 'default';
include($action . '.php');

    Note that the validation step is incredibly important. Not properly validating the value leads to nasty security holes from users being able to read any files your script can access to users being able to execute arbitrary code.

    Putting all code in a single file like you suggested in your question is a bad idea since it results in unreadable code. Especially when mixing PHP and HTML in the same file like your question suggested (tip: use a template engine!).

    • 0