I want to know if my code is safe and if there are other safer alternatives to include external files.
So this is my code example, is it safe? How can I make it safer? Thanks!
    <?php
    switch ($_GET['p']) {
        case 'test1':
            include 'test1.php';
            break;
        case 'test2':
            include 'test2.php';
            break;
        case 'test':
            echo 'something';
            include 'pages/test.php';
            echo 'something';
            break;
        default:
            include 'main.php';
            break;
    }
    ?>
Your code is fine. There is no issue conditionally including files like you are doing, as the file names are hardcoded. The issue occurs when the file included is based on an un-sanitized value from the user. E.g.
Which can include whatever the user wants (depending on PHP settings it may also include files on other domains)
The other options are variations on what you are doing:

require and require_once will fail if the file doesn't exist.

include_once and require_once ensure that the file is only included once, so if that file has been included elsewhere in the program it won't be included.

If you use classes, there is also the option of the autoloader. From the looks of your application you would have to re-structure it to be able to use it though.
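An added example, not part of the original question or answer: the same hardcoded-filename idea written as an allowlist lookup, so the request value is only ever used as an array key and never becomes part of a path. The names resolve_page, PAGES and DEFAULT_PAGE and the temporary demo directory are assumptions made for illustration; the file names come from the question. It needs PHP 8.0 or later.

```php
<?php
declare(strict_types=1);

// Hypothetical allowlist: request key => file relative to the base directory.
const PAGES = [
    'test1' => 'test1.php',
    'test2' => 'test2.php',
    'test'  => 'pages/test.php',
];
const DEFAULT_PAGE = 'main.php';

/**
 * Map an untrusted request value to a file path that is safe to include.
 * The user's value is used only as a lookup key, never concatenated into a path.
 */
function resolve_page(mixed $requested, string $baseDir): string
{
    // ?p[]=x arrives as an array; anything that is not a known string key gets the default.
    $file = (is_string($requested) && array_key_exists($requested, PAGES))
        ? PAGES[$requested]
        : DEFAULT_PAGE;

    // Defence in depth: the resolved file must exist and sit inside $baseDir.
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $file);
    if ($base === false || $path === false
        || !str_starts_with($path, $base . DIRECTORY_SEPARATOR)) {
        throw new RuntimeException('Page file missing or outside base directory');
    }
    return $path;
}

// Constructed demo: build a throwaway page tree so the script runs offline.
$base = sys_get_temp_dir() . '/include_demo_' . bin2hex(random_bytes(4));
mkdir($base . '/pages', 0700, true);
foreach ([...array_values(PAGES), DEFAULT_PAGE] as $f) {
    file_put_contents("$base/$f", "<?php echo '[" . basename($f) . "]';\n");
}

// Constructed inputs: a known key, a traversal string, a remote URL, an array.
foreach (['test1', '../../etc/passwd', 'http://example.com/x.php', ['x']] as $p) {
    echo json_encode($p, JSON_UNESCAPED_SLASHES), ' => ';
    require resolve_page($p, $base); // in a real page: resolve_page($_GET['p'] ?? null, __DIR__)
    echo PHP_EOL;
}
```

Only the first input loads test1.php; the other three fall through to main.php, because none of them is a key in the allowlist.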