Warning! Above code is insecure!
Lets attacker execute arbitrary code available on the server. (For example, what happens when someone uses id=…/…/…/other_user/comproming_script ? I don’t know either. That should make you nervous. Another interesting idea would be calling id=…/something.php. Watch as PHP enters a recursive loop including the same file over, and over and over until something dies.)
Always, always, always, and oh yah, always, check data. BTW, you don’t need use the Location:index.php?id=Main bit either. Just…
$_GET'id'] = 'Main';
or… if you feel really frisky…
$_GET'id'] = empty($_GET'id']) ? 'Main' : $_GET'id'];
Another nitpick is that this isn’t dynamic linking. Its basically just including. At which point you’re better off just using .htaccess (or appropriate platform-specific replacement) and setting auto_prepend_file/auto_append_file php settings. You’re organizing the files along the way the fileystem is internally, so you may as well just stick the header/footer on around the actual file.
(IE: why put all your content in include/news.php and then load it when you receive requests for http://foo.com/news.php when you can just go to http://foo.com/news.php?)
I have been doing this for awhile, and really like the system. Soo… some “sample code”. I store all my content as xml (because I can I guess.) A sample content file looks like:
<content>This is the page content</content>
My htaccess looks like:
php_value auto_prepend_file header.php
php_value auto_append_file footer.php
(For those with weak regex foo, it basically just has all files without extensions execute as PHP. I just think its cool to hide extensions. I’m weird like that)
The header file basically just includes library classes and starts output buffering. PHP then dumps the file to the output buffer (trivia: ob_start(), echoing stuff, then ob_get_contents() and ob_end_clean() is the fastest way to concat string in PHP. Faster than an array and implode(), faster than ‘something’.‘something’. Its magic. :D), and I pickup the output in footer.php, and start processing. (IE: replace templating code with the actual HTML I want. Executing behaviors like posting comments, etc).
Now that I’ve rambled this long, I’ll go away.