Never include files from user input

Creating a navigation seems easy when you do this:

<a href="index.php?page=test">test</a>

And then include the page like this:


This is really dangerous. Hackers can use this to display/include/run every file on your server, and even on other servers!

Convert PHP Warnings and notices into fatal errors