FUDforum: comp.lang.php » Help with Security

Home » Imported messages » comp.lang.php » Help with Security

Show: Today's Messages :: Polls :: Message Navigator

Re: Help with Security [message #182976 is a reply to message #173217]

Mon, 30 September 2013 16:18

Christoph Michael Bec
Messages: 207
Registered: June 2013

Karma:

Senior Member

Richard Yates wrotes:

> On Sun, 29 Sep 2013 21:47:47 -0700 (PDT), chirag sharma
> <chiragsharma(dot)guru99(at)gmail(dot)com> wrote:
>
>> Hi
>> I have created an online PHP code executor at http://web.guru99.comAlthough I have checked all security loopholes … do you experts see any major security leak that I need to care of?"
>
> <?php $d='7'; echo $d?>
>
> yields: 'syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting
> T_STRING'

<?php $d="7"; echo $d;?> works, though.

> <?php echo $d; ?>
>
> yields: 'Notice: Undefined variable: d in
> /home/code1/public_html/PHP/exec.php(69) : eval()'d code on line 1'
>
> Do you really want such errors with the defined path displayed?

Indeed, that should be avoided, particularly as one can do, for instance:

<?php
$files = new DirectoryIterator(".");
foreach ($files as $file) {
echo $file;
}
?>

--
Christoph M. Becker

Report message to a moderator

[Message index]

		Help with Security By: chirag sharma on Mon, 30 September 2013 04:47
		Re: Help with Security By: J.O. Aho on Mon, 30 September 2013 05:00
		Re: Help with Security By: Richard Yates on Mon, 30 September 2013 14:18
		Re: Help with Security By: Christoph Michael Bec on Mon, 30 September 2013 16:18
		Re: Help with Security By: Richard Yates on Mon, 30 September 2013 13:58
		Re: Help with Security By: Erwin Moller on Mon, 30 September 2013 15:20
		Re: Help with Security By: Richard Yates on Mon, 30 September 2013 18:20

Previous Topic:	Host recommendations (slightly OT)
Next Topic:	Shuffle problem

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Sat Nov 23 01:02:14 GMT 2024

Total time taken to generate the page: 0.03944 seconds