PHP: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Geist (Diskussion | Beiträge) |
Geist (Diskussion | Beiträge) |
||
| Zeile 38: | Zeile 38: | ||
@include($PAGES[$_GET['p']] ?? ('home')); | @include($PAGES[$_GET['p']] ?? ('home')); | ||
exit; | exit; | ||
| + | ?> | ||
| + | |||
| + | <?php | ||
| + | ini_set('post_max_size', '512M'); | ||
| + | ini_set('upload_max_filesize', '512M'); | ||
?> | ?> | ||
Version vom 23. Dezember 2021, 13:11 Uhr
Secure "included php files"
index.php
<?php
if((!defined('z'))){ define('z','0'); }
include('file.php')
?>
file.php
<?php
if((!defined("z"))){exit;}
?>
f611e2d0c2b292bce687e6c090956d63e396124abc17c2a2fa662c7ff6118ef2b43388c9d007cd2fadcad7d7952e6f855826028d58e5b1edd7264b2797996381
Secure php dynamic code build.
Example 1
<?php
$PAGES = array();
$PAGES = [
'home' => 'home.html'
,'about' => 'about.php'
,'contact' => 'somedir/contact.php'
];
@include(substr($PAGES[$_GET['p']] ?? ('home'), 0, 255));
exit;
?>
Example 2
<?php
$PAGES = array();
$PAGES = [
'home' => 'home.html'
,'about' => 'about.php'
,'contact' => 'somedir/contact.php'
];
@include($PAGES[$_GET['p']] ?? ('home'));
exit;
?>
<?php
ini_set('post_max_size', '512M');
ini_set('upload_max_filesize', '512M');
?>