Very true, this can be a useful tool for a developer, but giving access via a browser would be crazy. The developer needs to control this, not the language. I run code that uses the dir class to sync servers, very useful. But it is not available for the user to access. This should be restricted at the server level.
Or am I not understanding your comment?

Thiago Vinhas <thiago@simpleweb.com.br>
To: [EMAIL PROTECTED]
cc:
Subject: [PHP-INST] Malicious code allows people to browse thru /
10/08/2002 02:01 PM

Hi. I found something that is really dangerous. I hope there is a configuration variable in php.ini that denies what this script does, but if not, PHP developers must find a way to stop this. The following code allows someone to browse the entire directory tree of a server. Here is the code:

<?
$url = "1.php";

// Relies on register_globals: $dir and $file arrive straight from the query string.
if (!isset($file) && !isset($dir)) $dir = "/";
if (isset($dir)) {
    diretorio($dir);
}
if (isset($file)) {
    arquivo($file);
}

// Lists whatever directory was requested; nothing limits it to the web root.
function diretorio($dir) {
    global $url;
    echo "<b>$dir</b><br>";
    $files = array();
    $i = 0;
    $handle = @opendir($dir);
    while ($file = @readdir($handle)) {
        $files[$i++] = $file;
    }
    @closedir($handle);
    for ($refer = 0; $refer < count($files); $refer++) {
        if (@is_dir("$dir/$files[$refer]")) {
            if ($files[$refer] == "..") {
                echo "<a href=\"Javascript:history.back()\">[dir]...<b>$files[$refer]</b></a><br>";
            } else {
                echo "<a href=\"$url?dir=$dir/$files[$refer]\">[dir] <b>$files[$refer]</b></a><br>";
            }
        } else {
            echo "<a href=\"$url?file=$dir/$files[$refer]\"> $files[$refer]</a><br>";
        }
    }
}

// Dumps any file the web server process can read, unescaped, to the browser.
function arquivo($file) {
    echo "<a href=\"Javascript:history.back()\"><b>Voltar <<</b></a><br>"; // "Voltar" = back
    $logfile = fopen("$file", "r");
    $text = fread($logfile, filesize($file));
    $text = ereg_replace("\n", "<br>", $text);
    echo "$text";
}
?>

-- PHP Install Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
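Both posters point at the same fix: the script, not the language, has to decide which part of the filesystem a browser may see, and the deployment should back that up in php.ini. The following is an added example, not code from the thread, showing the same file browser confined to one directory. It assumes a hypothetical base directory /var/www/public-docs, a PHP version without register_globals and ereg (5.4 or later), and that the php.ini lines quoted in the comment are applied to the vhost; the helper name safe_path is my own.

```php
<?php
// Added example (not from the mailing-list post): the file browser from the
// thread, confined to one directory on the server side.
//
// php.ini / vhost settings this pairs with (assumed deployment, not something
// the script can enforce by itself):
//   register_globals = Off              ; $dir/$file no longer appear from the query string
//   open_basedir = /var/www/public-docs ; PHP refuses opendir()/fopen() outside this tree
//   allow_url_fopen = Off               ; fopen("http://...") is not a file browser feature

define('BASE_DIR', '/var/www/public-docs'); // assumed base directory

// Resolve a user-supplied relative path and refuse anything that escapes BASE_DIR.
// realpath() collapses "..", symlinks and duplicate slashes, so the check runs on
// the final canonical location rather than on the string the user sent.
function safe_path($requested) {
    $base = realpath(BASE_DIR);
    $candidate = realpath(BASE_DIR . '/' . $requested);
    if ($base === false || $candidate === false) {
        return false; // base missing, or target does not exist
    }
    // Prefix check with a trailing separator, so "/var/www/public-docs-private" is rejected too.
    if ($candidate !== $base && strpos($candidate, $base . DIRECTORY_SEPARATOR) !== 0) {
        return false;
    }
    return $candidate;
}

// HTML-escape everything that came from the filesystem before echoing it;
// the original reflected file names and file contents unescaped.
function h($s) {
    return htmlspecialchars($s, ENT_QUOTES, 'UTF-8');
}

function list_dir($rel) {
    $abs = safe_path($rel);
    if ($abs === false || !is_dir($abs)) {
        http_response_code(404);
        echo "Not found";
        return;
    }
    echo "<b>" . h($rel === '' ? '/' : $rel) . "</b><br>";
    foreach (scandir($abs) as $entry) {
        if ($entry === '.' || $entry === '..') {
            continue; // never offer a link upward; safe_path() would reject it anyway
        }
        $child = ($rel === '' ? '' : $rel . '/') . $entry;
        $isDir = is_dir($abs . '/' . $entry);
        $param = $isDir ? 'dir' : 'file';
        echo '<a href="?' . $param . '=' . rawurlencode($child) . '">'
           . ($isDir ? '[dir] ' : '') . h($entry) . "</a><br>";
    }
}

function show_file($rel) {
    $abs = safe_path($rel);
    if ($abs === false || !is_file($abs) || !is_readable($abs)) {
        http_response_code(404);
        echo "Not found";
        return;
    }
    echo "<pre>" . h(file_get_contents($abs)) . "</pre>";
}

// Inputs are read explicitly from $_GET; nothing is opened until safe_path() has passed it.
if (isset($_GET['file'])) {
    show_file((string) $_GET['file']);
} else {
    list_dir(isset($_GET['dir']) ? (string) $_GET['dir'] : '');
}
```

With this layout a request such as ?file=../../etc/passwd resolves to /etc/passwd, fails the prefix check and gets a 404, and even if the check were bypassed, open_basedir would make the fopen() fail at the PHP level. The two layers are independent, which is why both the application-side check and the php.ini restriction are worth having.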