I have seen googletap, but wanted something similar but without using modrewrite's, so I developed my own system to call each individual module with its own direct .php file in the root directory. ie. news.php, content.php, forums.php, etc.
My system still uses variables, of course, but the URL's are MUCH simpler. eg. content.php?pid=3 will display content page 3 instead of having to use modules.php?name=Content&op=showpage&pid=3. This should get spidered better from the search engines and make all the URL's "cleaner" to the user.
What I want to know from all you security experts is whether it is perfectly safe or not. The way I do it is to have the individual news.php and content.php files simply set some appropriate variables and then include the modules.php file directly to handle all the normal nuke permissions and security.
Here is the code for almost all of the individual news.php, content.php, etc. files:
Code:
// Function to capitalize the first letter of a string
function recase($string) {
return preg_replace('/\b(\d*)([a-z])/e', '"$1".ucfirst("$2")', strtolower($string));
}
// Set the module name to the name of this file, but capitalize the first letter
$name = recase(basename(__FILE__, ".php"));
$_REQUEST['name'] = $name;
// Require inclusion of the modules.php file so we get our security checks
// and everything we need prior to calling a modules files directly
require_once("modules.php");
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
