With a little help, I was able to make [url]http://projep.t35.com/a.php[/url], which lets me put, say, ?a=contact after that URL and contact.html is loaded up in the middle. It's my first PHP script... any security holes?
[code=php]<?php
include 'top.html';
$mid = $_GET['a'];        // page name taken straight from the query string
include ($mid . ".html"); // loaded into the middle of the page
include 'bottom.html';
?>[/code]
@teenlifeFeb 02.2004 — #As long as you don't have any files on the server you wouldn't want loaded in there. As far as I know, if you use a php include like that, you can load a file which is in a password protected folder into the page without a problem.
@teenlifeFeb 02.2004 — #Using that last posted method it would be, but you could use a few if statements and another variable to set up a file type option as well.
[code=php]
include 'top.html';
// $filetype is expected to arrive as a request variable (relies on register_globals)
if ($filetype == "p") { $type = "php"; }
if ($filetype == "h") { $type = "html"; }
$mid = $_GET['a'] . ".$type";
if (file_exists($mid)) { include ($mid); }
include 'bottom.html';
[/code]
Like I said, I'm a total PHP noob, but I like to know what goes into my pages. I don't think I need a filetype; I'll just link to .html with my a.php and .htm with my s.php files.
@ermauFeb 02.2004 — #[QUOTE][i]Originally posted by teenlife [/i]
[B]Using that last posted method it would be, but you could use a few if statements and another variable to set up a file type option as well.
[code=php]
include 'top.html';
// $filetype is expected to arrive as a request variable (relies on register_globals)
if ($filetype == "p") { $type = "php"; }
if ($filetype == "h") { $type = "html"; }
$mid = $_GET['a'] . ".$type";
if (file_exists($mid)) { include ($mid); }
include 'bottom.html';
[/code] [/B][/QUOTE] Except that code depends on register_globals being set to on, and therefore won't work on quite a few servers.
Why don't you just have a=page.html or a=page.php instead of having to try to find the extension type?
[code=php]
// include whatever file name the query string names, if it exists
if (file_exists($_GET['a'])) { include $_GET['a']; }
[/code]
@PunkSktBrdr01Feb 02.2004 — #[quote]Why don't you just have a=page.html or a=page.php instead of having to try to find the extension type?[/quote]
This leads to a serious security risk, as anyone could use this to open almost any file on the server. A better method of checking for the file type would be this:
[code=php]
<?php
include "top.html";
$fileName = $_GET['page'];
$fileType = $_GET['type'];
// map a numeric type code to a fixed extension; anything else falls back to html
switch ($fileType) {
    case 1:  $fileType = "html";  break;
    case 2:  $fileType = "htm";   break;
    case 3:  $fileType = "php";   break;
    case 4:  $fileType = "shtml"; break;
    default: $fileType = "html";
}
$fileNameFull = $fileName . "." . $fileType;
if (file_exists($fileNameFull)) {
    include ($fileNameFull);
} else {
    echo "Error! " . $fileNameFull . " does not exist!\n";
}
include "bottom.html";
?>
[/code]
@PunkSktBrdr01Feb 02.2004 — #The only damage that could be done would be that someone could load any html file. If the extension is always ".html", they won't be able to load anything but HTML files.
@Ben_RogersauthorFeb 02.2004 — #OK... and anyway, if they wanted to, they could just type in the URL, lol. And I have a free server, so they could just make an account and have all the same powers as me.
@ermauFeb 03.2004 — #[QUOTE][i]Originally posted by PunkSktBrdr01 [/i]
[B]This leads to a serious security risk, as anyone could use this to open almost any file on the server. A better method of checking for the file type would be this:[/B][/QUOTE]
Not really, considering they could alternatively just type in the URL normally and access that file, therefore it doesn't make a bit of difference.