基于URL参数的PHP包含
我有一个目录,其中包含30个包含各种html块的php。我正试图根据url的参数包含其中的5-6个文件。这些文件的名称如下所示:基于URL参数的PHP包含,php,php-include,Php,Php Include,我有一个目录,其中包含30个包含各种html块的php。我正试图根据url的参数包含其中的5-6个文件。这些文件的名称如下所示: <?php $include = $_GET['include']; // hyphen separated list of file names. $arr = explode("-", $include); //explode into an array # What's the min and max of the array? $max = m
<?php
$include = $_GET['include']; // hyphen separated list of file names.
$arr = explode("-", $include); //explode into an array
# What's the min and max of the array?
$max = max($arr);
$min = min($arr);
# Just to see what's happening.
echo $max."-".$min;
# Start at the lowest value, and work towards the highest in the array.
for ($i = $min; $i <= $max; $i++) {
# Include the nth php file
include $i.".php";
}
?>
1.php
2.php
3.php
...
30.php
URL如下所示:
<?php
$include = $_GET['include']; // hyphen separated list of file names.
$arr = explode("-", $include); //explode into an array
# What's the min and max of the array?
$max = max($arr);
$min = min($arr);
# Just to see what's happening.
echo $max."-".$min;
# Start at the lowest value, and work towards the highest in the array.
for ($i = $min; $i <= $max; $i++) {
# Include the nth php file
include $i.".php";
}
?>
www.example.com?include=1-4-14-20-29
我需要这样的东西,但我知道这是无效的:
$include = @$_GET['include']; // hyphen separated list of file names.
$arr = explode("-", $include); //explode into an array
foreach ($arr as $filename) {
include $filename."php";
}
我试图得到的结果是:
<php
include '1.php';
include '4.php';
include '14.php';
include '20.php';
include '29.php';
?>
感谢您提供的任何帮助。我将在数组中循环,因此将取最小值和最大值,如下所示:
<?php
$include = $_GET['include']; // hyphen separated list of file names.
$arr = explode("-", $include); //explode into an array
# What's the min and max of the array?
$max = max($arr);
$min = min($arr);
# Just to see what's happening.
echo $max."-".$min;
# Start at the lowest value, and work towards the highest in the array.
for ($i = $min; $i <= $max; $i++) {
# Include the nth php file
include $i.".php";
}
?>
编辑
哦,对不起,刚才我误解了你的问题,你找的不是范围,而是个人电话。那么这个是给你的:
<?php
$include = $_GET['include']; // hyphen separated list of file names.
$arr = explode("-", $include); //explode into an array
foreach ($arr as $filename) {
include $filename.".php";
}
?>
这不管用吗?为安全起见,您应将输入列为白名单,例如,将开关与“1”、“2”和。。。以及。包括'1.php','2.php'。。为了不允许恶意的include请求