Fatal编程技术网
  • php/
  • 基于URL参数的PHP包含

基于URL参数的PHP包含

php

基于URL参数的PHP包含,php,php-include,Php,Php Include,我有一个目录,其中包含30个包含各种html块的php。我正试图根据url的参数包含其中的5-6个文件。这些文件的名称如下所示: <?php $include = $_GET['include']; // hyphen separated list of file names. $arr = explode("-", $include); //explode into an array # What's the min and max of the array? $max = m

我有一个目录,其中包含30个包含各种html块的php。我正试图根据url的参数包含其中的5-6个文件。这些文件的名称如下所示:

<?php
$include = $_GET['include'];   // hyphen separated list of file names.

$arr = explode("-", $include);  //explode into an array

# What's the min and max of the array?
$max = max($arr);
$min = min($arr);

# Just to see what's happening.
echo $max."-".$min;

# Start at the lowest value, and work towards the highest in the array.
for ($i = $min; $i <= $max; $i++) {

# Include the nth php file
include $i.".php";
}

?>
1.php 2.php 3.php ... 30.php

URL如下所示:

<?php
$include = $_GET['include'];   // hyphen separated list of file names.

$arr = explode("-", $include);  //explode into an array

# What's the min and max of the array?
$max = max($arr);
$min = min($arr);

# Just to see what's happening.
echo $max."-".$min;

# Start at the lowest value, and work towards the highest in the array.
for ($i = $min; $i <= $max; $i++) {

# Include the nth php file
include $i.".php";
}

?>
www.example.com?include=1-4-14-20-29

我需要这样的东西,但我知道这是无效的:

$include = @$_GET['include'];   // hyphen separated list of file names.

$arr = explode("-", $include);  //explode into an array
foreach ($arr as $filename) {
include $filename."php";
}

我试图得到的结果是:

<php
include '1.php';
include '4.php';
include '14.php';
include '20.php';
include '29.php';
?>
感谢您提供的任何帮助。

我将在数组中循环,因此将取最小值和最大值,如下所示:

<?php
$include = $_GET['include'];   // hyphen separated list of file names.

$arr = explode("-", $include);  //explode into an array

# What's the min and max of the array?
$max = max($arr);
$min = min($arr);

# Just to see what's happening.
echo $max."-".$min;

# Start at the lowest value, and work towards the highest in the array.
for ($i = $min; $i <= $max; $i++) {

# Include the nth php file
include $i.".php";
}

?>
编辑

哦,对不起,刚才我误解了你的问题,你找的不是范围,而是个人电话。那么这个是给你的:

<?php
$include = $_GET['include'];   // hyphen separated list of file names.

$arr = explode("-", $include);  //explode into an array
foreach ($arr as $filename) {
include $filename.".php";
}

?>
这不管用吗?为安全起见,您应将输入列为白名单,例如,将开关与“1”、“2”和。。。以及。包括'1.php','2.php'。。为了不允许恶意的include请求