It was able to call up external includes using the below code which resulted that the server was used to send out spam. How can I protect the code?
TIA

<?php
session_start();
//-------------------------------------------------------------------------------------------
// index.php
//-------------------------------------------------------------------------------------------
include("../inc/const.php");
include("../inc/mysql.php");
$menu=2;
include("../inc/static.php");
//include("../inc/prolog.php");

$base = getenv("SERVER_NAME").getenv("SCRIPT_NAME");

//$menu = $HTTP_GET_VARS['menu'];
$submenu_list = $HTTP_GET_VARS['submenu_list'];
$contfile = $HTTP_GET_VARS['contfile'];
$id = $HTTP_GET_VARS['id'];
$stk = $HTTP_GET_VARS['stk'];
$contpath = $HTTP_GET_VARS['contpath'];   // taken straight from the query string, unchecked
if ($contpath=="") { $contpath="./"; }
?>
<html>
<head>
<title>Neuer Wissenschaftlicher Verlag - <?php print $typ_subnav[$menu]?></title>
<script language="javascript" SRC="../js/rollover.js"></script>
<link rel="stylesheet" href="../css/bor.css">
</head>
<body bgcolor="#ffffff" topmargin="0" leftmargin="0" marginheight="0" marginwidth="0" link="#006666" vlink="#006666" alink="#006666">
<table height="100%" width="100%" topmargin="0" cellspacing="0" cellpadding="0" border="0">
<tr valign="top" height="105">
<td colspan="3" valign="top">
<? include("../inc/prolog.php");?>
</td>
</tr>
<tr valign="top" height="30">
<td valign="top" height="30" background="../../img_pool/bg_left_right.gif"><? include("../inc/leftmenu.php");?></td>
<td width="100%"> </td>
<!-- here is the right column with the background -->
<!-- <td height="30" background="../../img_pool/bg_left_right.gif"><img src="../img/trans.gif" width="180" height="1"></td> -->
</tr>
<tr valign="top">
<td valign="top" background="../../img_pool/bg_left_right.gif"><?php nav_menupic($menu);?>
<?php
//-------------------------------------------------------------------------------------------
// Subnavigation
//-------------------------------------------------------------------------------------------
include("../inc/subnav.php");
?>
</td>
<!-- END LEFT-NAV -->
<td valign="top">
<?php
// This is the hole the question is about: $contpath is user-controlled, so the
// include can be pointed at an external (or arbitrary local) file.
include($contpath . "/content.php");
?>
<!-- END CONTENT -->
</td>
<?//php include("../inc/epilog.php"); ?>
</tr>
</table>
</body>
</html>
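One way to close the hole the post describes, as an added example that is neither the poster's code nor the site's own: instead of building the include path from the "contpath" query parameter, look the parameter up in a fixed allowlist and include only a file whose resolved path lies under a known content directory. The section names and the content root are assumptions for illustration.

```php
<?php
// Added example, not the original poster's code. Replaces the unchecked
// include($contpath . "/content.php") with an allowlist lookup plus a
// realpath containment check. CONTENT_ROOT and the section names are assumed.

define('CONTENT_ROOT', __DIR__ . '/content');   // assumed layout

// The only values "contpath" may take, mapped to real subdirectories.
$allowed_sections = array(
    'home'    => 'home',
    'books'   => 'books',
    'authors' => 'authors',
);

// Returns the absolute path of the content file to include, or false.
function resolve_content_file($requested, array $allowed)
{
    // Default section when the parameter is missing, mirroring the original $contpath="./".
    if ($requested === null || $requested === '') {
        $requested = 'home';
    }
    // Anything not a plain allowlisted string is rejected: "http://...", "../",
    // array parameters (?contpath[]=x), null bytes, everything.
    if (!is_string($requested) || !isset($allowed[$requested])) {
        return false;
    }
    $file = realpath(CONTENT_ROOT . '/' . $allowed[$requested] . '/content.php');
    $root = realpath(CONTENT_ROOT);
    // Second line of defence: the resolved file must still sit inside CONTENT_ROOT.
    if ($file === false || $root === false
        || strncmp($file, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
        return false;
    }
    return $file;
}

$contpath     = isset($_GET['contpath']) ? $_GET['contpath'] : '';
$content_file = resolve_content_file($contpath, $allowed_sections);

if ($content_file === false) {
    header('HTTP/1.0 404 Not Found');
    echo 'Unknown content section.';
    exit;
}
include $content_file;
```

Independently of the code change, set allow_url_include=Off (and, unless something genuinely needs it, allow_url_fopen=Off) in php.ini so that include() cannot fetch remote files at all, and audit the other $HTTP_GET_VARS values ($contfile, $id, $stk, $submenu_list) the same way wherever they reach an include or a query.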