SitePoint Sponsor

User Tag List

Results 1 to 4 of 4
  1. #1
    SitePoint Addict agentforte's Avatar
    Join Date
    May 2007
    Location
    Toronto, ON, Canada
    Posts
    213
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question How to organize my page

    Hello,

    I am beginning to build a database driven website,
    which of the following two designs do you think makes more sense?

    Many of the pages will take POST data to decide on which content to display.
    For the second choice, is there any problems I might run into with POST data?
    for example,
    <form action="<?php echo $_SERVER[REQUEST_URI]; ?>" method="post" >

    1) Have a file for each page (i.e. main.php, news.php, searchresult.php)
    and have the menu, header and footer in a separate file and use a php include (so that I can edit them in a single file).

    2) have a single file (i.e. index.php) and use GET to decide which page to display.
    for example:
    PHP Code:

    // The html for header and menu will be here

    <?php
    $page
    =$_GET['page'];

    // check that an allowed page name is requested
    $allowedpages = array ('main''news''searchresult')
    if (!
    array_key_exists($page$allowedpages)){
    echo 
    'error with page request';
    } else {
    include 
    'mysite/' $page '.php';
    }
    ?>

    // the html for the footer here
    I am sure the second choice is better, easier to maintain, and even restrict access.
    I will be using "how do I make "search engine friendly" URLs in PHP?" from The PHP Anthology book to make
    website.ca/index.php?page=something.php show up as
    website.ca/index.php/something

    any suggestions on which method to use? which method do you use?
    Last edited by agentforte; Jul 8, 2007 at 23:23.

  2. #2
    SitePoint Enthusiast
    Join Date
    Jun 2007
    Location
    Bristol, England
    Posts
    74
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    In all honestly, I would use neither.

    <form action="<?php echo $_SERVER[REQUEST_URI]; ?>" method="post" >
    That could potentially be dangerous. You would want to htmlentities() it. Also add single quotes around the index.

    If you want "search engine friendly" URLs then most people would reccomend mod_rewrite. That will strip the index.php completely out of your query-much nicer.

    What happens with #2 when your site, possibly, grows to hundreds of pages?

  3. #3
    SitePoint Addict agentforte's Avatar
    Join Date
    May 2007
    Location
    Toronto, ON, Canada
    Posts
    213
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    hundreds of pages...

    Thanks for the feedback regarding htmlentities().

    If it did grow to hundreds of pages, it would still be only one page to maintain... with the exception of a few pages that do not follow the design of the site, like terms of use.

    The main advantage I see is that the content for each individual page can be in a separate include file, where I can have someone (that does not know programming) modify content for specific pages, without access to the rest of the page. Also, I don't have to spend the little time I have developing a content management system yet.

    This also makes it possible to edit the HTML of hundreds of pages all at once. (if and when standards change or new and useful features come out that I want to add)

    Is there an obvious problem I am missing, if it does grow to a very large website using this method?

  4. #4
    SitePoint Addict
    Join Date
    Sep 2006
    Posts
    368
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    well both methods are miles from what i write everyday but suppose you better get good at procedural php first before moving to the big brave world of OO php, take the blue pill ( method2 )


    anyways DONT TRUST user input! $_GET, $POST, $_SERVER all can be faked

    do filter all input (and output) or it will all bite you in the rear


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •