$_GET, isset(), and switch.

[Direct $_GET Method]

i have a very simple question, but am not sure where to even go in the right direction with this! here it is!

which method for php page management (for lack of a better phrase?) do you think is the safest/fastest, etc... which is the overall BEST method! see the code snippets below for examples, and please reply telling me which of the 3 is the best in your honest opinion.
In this example, we will only be using numbers as the variable that is changing from page to page. the function "isNum" will not be shown in this example. For more information on function.isNum, please see my tutorial, "Better ways to handle submitted data.."

Direct $_GET Method

Code:

<?php
$id = isNum($_GET['id']);
if ($_GET['id']=='1'){
include('filename1.php'); 
} elseif ($_GET['id']=='2'){
include('filename2.php'); 
} else {
include('default.php'); 
}
?>

function.isset() Method

Code:

<?php
if (isset($id)){
include('filename.php?id='.$id);
} else {
include('default.php'); 
}
?>

Switch Method (using $_GET as well though)

Code:

<?php 

$id = isNum($_GET['id']);
switch($id) { default: include('filename.php'); 
break; case "1": include('filename1.php'); 
break; case "2": include('filename2.php'); 
break; case "3": include('filename3.php'); 
break; case "4": include('filename4.php'); 
break; case "5": include('filename5.php'); 
break; case "6": include('filename6.php'); 
break; case "7": include('filename7.php'); 
} ?>

[Join us @ facebook]

I guess the isNum($id) is the (int)$id

The answer to your question depends. If you have 2 or 3 or 5 possible ways to go, then an if statement is fine. Otherwise a switch() statement looks better.

In anyway those are very simple functions of php so I guess there is no big difference anyway.

I guess the isNum($id) is the (int)$id

The answer to your question depends. If you have 2 or 3 or 5 possible ways to go, then an if statement is fine. Otherwise a switch() statement looks better.

In anyway those are very simple functions of php so I guess there is no big difference anyway.

so $_GET and isset are virtually the same? using either $_GET or isset to call the variable does not compromise security of the script in anyway?

[Switch Method (using $_GET as well though)]

The answer to your question depends. If you have 2 or 3 or 5 possible ways to go, then an if statement is fine. Otherwise a switch() statement looks better.

Switch Method (using $_GET as well though)

Code:

<?php 

$id = isNum($_GET['id']);
switch($id) { default: include('filename.php'); 
break; case "1": include('filename1.php'); 
break; case "2": include('filename2.php'); 
break; case "3": include('filename3.php'); 
break; case "4": include('filename4.php'); 
break; case "5": include('filename5.php'); 
break; case "6": include('filename6.php'); 
break; case "7": include('filename7.php'); 
} ?>

Hey Nikolas!

You made me laugh!  "looks better" is a can of worms (to a chicken or a fish - that's a good thing!!).

I had something like this with 27 cases once...

Code:

<?php 
switch($id) { 
     case "1": include('filename1.php'); break;
     case "2": include('filename2.php'); break;
     case "3": include('filename3.php'); break;
     case "4": include('filename4.php'); break;
     case "5": include('filename5.php'); break;
     case "6": include('filename6.php'); break;
     case "7": include('filename7.php'); break;
     default: include('filename.php');
}
?>

I obvously think the break "looks better" after the test and the default "looks better" after all else has failed (and I am sure many will disagree!).

My 27 cases were slowly pared down to just...

Code:

<?php 
switch($id) { 
     case "1": include('filename1.php'); break;
     default: include('filename.php');
}
?>

Was that "wrong"?  God forbid, that is still perfect code!

In fact I have a student that generally likes statements like...

Code:

<?php switch($id) { case "1": include('filename1.php'); } ?>

To him it makes more sense than...

Code:

<?php if ($id = "1") { include('filename1.php') ; } ; ?>

And that is what made me laugh, because in PHP there are a bunch of ways to make things "look better" (to a bunch of different people!) 

[Join us @ facebook]

Hey Lan I think a teacher should not laugh in other people's opinions or english anyway

The best way to do this if you are going to use a statement to include a module in my honest opinion is something like:

Code:

<?php
$module = '/path/to/modules/'.$_GET['id'].'.php';
if ( file_exists( $module ) )
 include $module;
else
 die('unknown module');

?>

Hey Lan I think a teacher should not laugh in other people's opinions or english anyway

The best way to do this if you are going to use a statement to include a module in my honest opinion is something like:

Code:

<?php
$module = '/path/to/modules/'.$_GET['id'].'.php';
if ( file_exists( $module ) )
 include $module;
else
 die('unknown module');

?>

Hi Nikolas,

Oops, Hope you didn't think I was laughing at you.  No Offence, huh?

I agreed with your point, just laughed at the comcept of 2 or 3 or 5 if statements!  A student asked me not long ago, "Where is that line?" Is it 2, or 3, or 5?  The truth is that it is the best way for the programer (unless your are talking about functionality or security.

Far be it for me to laugh about english either.  I live in the Philippines and we say things like "The other, other day!"  You can read that as "two days before yesterday!"

The module idea is a great idea... but it does add complexity that may not be needed for a very simple statment!  Although, I find myself writing more and more "modules" and stringing them together as needed. It makes editing features very easy because only one little piece of code is all you are dealing with.

Oh, by the way, I am NOT a teacher!  I have students because I teach!  I retired from programing fortran and colbol and PL-1 years ago (eight grand children so far!).  I "teach" poor people who cannot go to school.  I do have a class I help with (club advisor / server admin) at a college here, but my students are 21 "kids about 20yrs" that are learning XHTML, PHP and MySQL on 8 workstations I set up in a spare part of my house.  So far, I have helped a few dozen people get jobs (seven in other countries) that feed their families.  This schools is free because the students cannot afford to pay.  A great way to retire!

But this "teacher" is still learning!  I have my "young" daughter in the University IT program and she comes home and teaches her papa!

I like your ideas Nikolas, they are very practical and helpful and I was not laughing at you... more laughing with you about the fact that the "right way" may be a matter of opinion, yours, mine or anyones!

Have a great day and keep up the good work, I love the site.  In fact I may even copy some of it for a forum in the Tagalog and Cebuano languages! (the 2 largest language groups of the 117 languages of the Philippines).  Fantastic Job!

Yo Meth0d...
I like the module method Nikolas proposed also.  Because if you make an error (maybe you don't do that!) the program will still give you a warning with the

Code:

<?php
else
 die('unknown module');
?>

Although I would prefer...

Code:

<?php
else
 exit('unknown module');
?>

Because of how "die" is preceived in the Philippines! 

[Join us @ facebook]

I am not a man that got offended easily anyway, so no hard feelings

The method I propose is good because it will help you create some kind of framework. I mean this way you wont need to put a line of code to your index file when you add or remove modules.

But I have to say that it is VERY IMPORTANT to use :

$module = '/path/to/modules/'.$_GET['id'].'.php';

Because if you use something like :

$module = $_GET['id'].'.php';

you will have security problems

But I have to say that it is VERY IMPORTANT to use :

$module = '/path/to/modules/'.$_GET['id'].'.php';

Because if you use something like :

$module = $_GET['id'].'.php';

you will have security problems

Very good security point!  In fact it may be best to even do some additional stuff.  My basic belief is that get and post statements, as well as address lines or anything else the user can pass to your server are really close to viruses and need to be treated with a high degree of disbelief that they contain any valid information!  Better to be safe than sorry!

Code:

<?php
$module = '/path/to/modules/'.$_GET['id'].'.php';
if ( file_exists( $module ) )
 include $module;
else
 die('unknown module');

?>

Nik that is exactly what I am looking for! thanks mate!

[Guest]

[37.736]

Yahoo crawler, Googlebot, edock, Msnbot, Nikolas