I'm trying to prevent people to use path traversal on some code. I need to do this for an assigment I've been stuck on for too long. After testing the redirect I also have to check if the page "welkom'' has stayed the same.
$pagedir = "pages";
if (!isset($_GET['page'])) {
header("Location: ?page=welkom");
exit;
}
$page = $_GET['page'];
if (file_exists("$pagedir/$page")) {
print file_get_contents("$pagedir/$page");
}