Originally Posted by jared
Well the method I posted works is used by the firm I used to work for. It is perfectly secure if you know how to use it.
The case statement is good but when you are dealing with a template and you have over 50 pages it becomes a bit clumsy.
This will not work. Since when do includes work with remote websites?
Try and do include("www.yourdomain.com/honoes.php") and see what happens. Nothing.
Like I said, if you are smart this script is perfectly secure. But by smart, I mean you have to know what files should be protected by .htaccess (admin files).
Either way the case statement will work fine, but imho this is more efficient.
|
Your method is dangeroes, you could include any file you would want. Possibly not external files (dependant on settings), but any other file on that server. Such as a file located in an Admin directory which a user shouldn't be able to access at all.