469,570 Members | 1,718 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,570 developers. It's quick & easy.

Help with 'failed to open stream: No such file or directory in ...'

Hie

I'm trying to pass variables between pages using URLs however I am encountering the following error when I do so:

Warning: main(jobSheetDisplay.php?id=20071403PB136CoA) [function.main]: failed to open stream: No such file or directory in /home/computio/public_html/gto/index.php on line 43

Warning: main() [function.include]: Failed opening 'jobSheetDisplay.php?id=20071403PB136CoA' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/computio/public_html/gto/index.php on line 43

My code for the index.php is:

<?php
if(isset($_SESSION['loginStatus']))
{
if($_SESSION['loginStatus'] == 1)
{
$page = $_GET['page'];
if($page)
{
include($page);
} else{
include("manageMain.php");
}
)
}
else
{
include("loginForm.php");
}
?>

The page that has got the hyperlink that leads to the stuffed up page is as follows:

<?php
$min = 15;
?>
<a href="index.php?page=jobSheetDisplay.php?id=
<?php displayEnteredInfo($t,$min);?> ">
<?php
echo displayEnteredInfo($t,$min);
?></a>

When I click this hyperlink it gives me the above error messages but if i remove the "index.php?page=" bit in the above URL it works perfectly, I however need to use some of the stuff on the index page so code some please help me on how to go about the problem..

Thanx simba
Mar 14 '07 #1
2 13703
You should probably user
<a href="index.php?page=jobSheetDisplay.php%3Fid=
Mar 18 '07 #2
And if you do what I wrote, you will probably include the correct .php-file, but you will not pass the id-parameter along. Includes work only on filenames, and not URLs.

So instead I suggest you do it something like:
[HTML]
<a href="index.php?page=jobSheetDisplay.php&id=
[/HTML]
When jobSheetDisplay.php is included it can read the same $_GET-variables as index.php - it ought to work just like that.

This said I must warn you: If you just issue an include to any and all $_GET['page'] variables, your website is wide open to an attack. It will take a hacker less than a minute to upload a .php file to your site, and get complete control. The hacker will then be able to put a phishing-page on your site.

Never trust input from users. May I suggest you do something like:
[HTML]
<a href="index.php?page=1&id=
[/HTML]
and then in PHP
[PHP]
switch($_GET['page']) {
case 1: include('jobSheetDisplay.php'); break;
case 2: include('someotherpage.php'); break;
}
[/PHP]
Mar 18 '07 #3

Post your reply

Sign in to post your reply or Sign up for a free account.

Similar topics

2 posts views Thread by JDJones | last post: by
3 posts views Thread by Simon Brooke | last post: by
11 posts views Thread by cybervigilante | last post: by
2 posts views Thread by grozanc | last post: by
6 posts views Thread by Andy2500 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.