FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Help with Security Have I coded this correctly?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Help with Security Have I coded this correctly? [message #182087 is a reply to message #182075] Mon, 08 July 2013 08:49 Go to previous messageGo to previous message
kishorguru99pvtltd is currently offline  kishorguru99pvtltd
Messages: 1
Registered: July 2013
Karma:
Junior Member
On Thursday, July 4, 2013 12:05:09 AM UTC+5:30, Christoph Michael Becker wrote:
> Daniel Pitts wrote:
>
>> On 7/2/13 11:50 PM, chirag sharma wrote:
>
>>> I have created an online PHP code executor at http://web.guru99.com
>
>>>
>
>>> Though I have checked all security aspects � do you experts see any
>
>>> major flaw that I need to care of?
>
>>>
>
>> I get a 403 forbidden on the AJAX request in both Chrome and Firefox.
>
>>
>
>> I don't know what you've done to protect against attack. Are you safe
>
>> against the following type of attack? Are you just scrubbing the input,
>
>> or have you actually locked-down and hardened the PHP itself?
>
>>
>
>> <?php
>
>> $foo = "scan";
>
>> $foo .= "dir";
>
>>
>
>> var_dump($foo('.'));
>
>> ?>
>
>
>
> When the AJAX request did work (about an hour ago), I was able to
>
> execute the following successfully:
>
>
>
> <?php
>
> print_r(glob("*"));
>
> ?>
>
>
>
> --
>
> Christoph M. Becker
> Thanks for reply
if disable "glob()" function it can be solve.
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Consumir Web Service usando SoapClient y Certificados jsk
Next Topic: How can i get value of text area?
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Nov 27 16:31:34 GMT 2024

Total time taken to generate the page: 0.05314 seconds