I’m using $_GET for a simple page redirection.
I’ve only just started learning about sanitizing user input, so I was wondering if the below code was ok. Is there any other sanitization that is recommended for this particular code? If yes, why?
About the code below. I checked that the user entered a value and then matched the value against a list of acceptable values before redirecting.
    $host = $_SERVER['HTTP_HOST'];
    $uri = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
    $PAGES = array('a', 'b', 'c', 'd', 'z');
    if (empty($_GET['letter'])) {
        $_GET['letter'] = "a";
    }
    if (!in_array($_GET['letter'], $PAGES)) {
        $_GET['letter'] = "a";
    }
    $letter = $_GET['letter'];
    $goto = $letter . ".php";
    header("Location: http://$host$uri/$goto");
As long as you keep $_GET['letter'] in the set of $PAGES, I think you'll be fine. However, your code is really bad!
Maybe this will help you:
PHP switch with GET request
Maybe you would be interested in using Zend Framework MVC.
http://framework.zend.com/manual/en/zend.controller.quickstart.html
You will find examples with mod_rewrite also. Happy reading!!!
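
A hardened variant of the redirect in the question, as an added example that is not part of the original thread: it keeps the allow-list, but builds the URL from a configured base instead of the client-supplied Host header and PHP_SELF, rejects non-string input, and exits after sending the header. BASE_URL (a placeholder value), the PAGES map and redirectTarget() are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Assumption: the site's canonical origin is fixed in configuration
// (placeholder value) instead of being read from $_SERVER['HTTP_HOST'],
// which is taken from the request's Host header.
const BASE_URL = 'https://www.example.com/letters';

// Allow-list mapping each accepted value to its target script.
const PAGES = [
    'a' => 'a.php',
    'b' => 'b.php',
    'c' => 'c.php',
    'd' => 'd.php',
    'z' => 'z.php',
];

/**
 * Return the redirect URL for a raw query value (hypothetical helper).
 * Anything that is not a string key of PAGES falls back to 'a'.
 */
function redirectTarget($raw): string
{
    // ?letter[]=x arrives as an array, so reject non-strings up front.
    if (!is_string($raw) || !array_key_exists($raw, PAGES)) {
        $raw = 'a';
    }
    // The URL is built from the allow-list value, never from the input.
    return BASE_URL . '/' . PAGES[$raw];
}

// Constructed sample inputs showing the fallback behaviour.
if (PHP_SAPI === 'cli') {
    foreach (['b', 'B', '', 'zz', 'a.php', ['a'], null] as $sample) {
        printf("%-10s => %s\n", json_encode($sample), redirectTarget($sample));
    }
    exit(0);
}

header('Location: ' . redirectTarget($_GET['letter'] ?? null), true, 302);
exit; // header() does not stop the script, so end it explicitly.
```

Run from the command line, the script prints the target for each constructed sample instead of redirecting.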