FUDforum: comp.lang.php » Help with Security Have I coded this correctly?

Home » Imported messages » comp.lang.php » Help with Security Have I coded this correctly?

Show: Today's Messages :: Polls :: Message Navigator

Re: Help with Security Have I coded this correctly? [message #182087 is a reply to message #182075]

Mon, 08 July 2013 08:49

kishorguru99pvtltd
Messages: 1
Registered: July 2013

Karma:

Junior Member

On Thursday, July 4, 2013 12:05:09 AM UTC+5:30, Christoph Michael Becker wrote:
> Daniel Pitts wrote:
>
>> On 7/2/13 11:50 PM, chirag sharma wrote:
>
>>> I have created an online PHP code executor at http://web.guru99.com
>
>>>
>
>>> Though I have checked all security aspects ï¿½ do you experts see any
>
>>> major flaw that I need to care of?
>
>>>
>
>> I get a 403 forbidden on the AJAX request in both Chrome and Firefox.
>
>>
>
>> I don't know what you've done to protect against attack. Are you safe
>
>> against the following type of attack? Are you just scrubbing the input,
>
>> or have you actually locked-down and hardened the PHP itself?
>
>>
>
>> <?php
>
>> $foo = "scan";
>
>> $foo .= "dir";
>
>>
>
>> var_dump($foo('.'));
>
>> ?>
>
>
>
> When the AJAX request did work (about an hour ago), I was able to
>
> execute the following successfully:
>
>
>
> <?php
>
> print_r(glob("*"));
>
> ?>
>
>
>
> --
>
> Christoph M. Becker
> Thanks for reply
if disable "glob()" function it can be solve.

Report message to a moderator

[Message index]

		Help with Security Have I coded this correctly? By: chirag sharma on Wed, 03 July 2013 06:50
		Re: Help with Security Have I coded this correctly? By: Arno Welzel on Wed, 03 July 2013 15:05
		Re: Help with Security Have I coded this correctly? By: bill on Wed, 03 July 2013 16:31
		Re: Help with Security Have I coded this correctly? By: Arno Welzel on Tue, 09 July 2013 14:20
		Re: Help with Security Have I coded this correctly? By: Timothy on Wed, 03 July 2013 17:42
		Re: Help with Security Have I coded this correctly? By: Christoph Michael Bec on Wed, 03 July 2013 17:52
		Re: Help with Security Have I coded this correctly? By: Daniel Pitts on Wed, 03 July 2013 18:12
		Re: Help with Security Have I coded this correctly? By: Christoph Michael Bec on Wed, 03 July 2013 18:35
		Re: Help with Security Have I coded this correctly? By: kishorguru99pvtltd on Mon, 08 July 2013 08:49
		Re: Help with Security Have I coded this correctly? By: Jerry Stuckle on Mon, 08 July 2013 12:48

Previous Topic:	Consumir Web Service usando SoapClient y Certificados jsk
Next Topic:	How can i get value of text area?

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Thu Sep 19 16:28:37 GMT 2024

Total time taken to generate the page: 0.04210 seconds