PHP: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Geist (Diskussion | Beiträge) |
Geist (Diskussion | Beiträge) |
||
| Zeile 86: | Zeile 86: | ||
[https://davidwalsh.name/php-ternary-examples PHP Shorthand If / Else Examples] | [https://davidwalsh.name/php-ternary-examples PHP Shorthand If / Else Examples] | ||
[https://stitcher.io/blog/shorthand-comparisons-in-php Shorthand comparisons in PHP] | [https://stitcher.io/blog/shorthand-comparisons-in-php Shorthand comparisons in PHP] | ||
| + | |||
| + | ==== PHP ERROR HANDLING IN SCRIPT ==== | ||
| + | [https://www.php.net/manual/en/language.exceptions.php Exceptions] | ||
| + | ''' try{}''' | ||
| + | ''' catch{}''' | ||
| + | ''' finally{}''' | ||
| + | [https://www.php.net/manual/de/errorfunc.configuration.php#ini.error-reporting Laufzeit-Konfiguration] | ||
Version vom 19. März 2022, 11:42 Uhr
Inhaltsverzeichnis
Secure "included php files"
index.php
<?php
if((!defined('z'))){ define('z','0'); }
include('file.php')
?>
file.php
<?php
if((!defined("z"))){exit;}
?>
HackBugZ | PHP-SECURE-INCLUDE-FILE
f611e2d0c2b292bce687e6c090956d63e396124abc17c2a2fa662c7ff6118ef2b43388c9d007cd2fadcad7d7952e6f855826028d58e5b1edd7264b2797996381
Secure php dynamic code build.
Example 1
<?php
$PAGES = array();
$PAGES = [
'home' => 'home.html'
,'about' => 'about.php'
,'contact' => 'somedir/contact.php'
];
@include(substr($PAGES[$_GET['p']] ?? ('home'), 0, 255));
exit;
?>
Example 2
<?php
$PAGES = array();
$PAGES = [
'home' => 'home.html'
,'about' => 'about.php'
,'contact' => 'somedir/contact.php'
];
@include($PAGES[$_GET['p']] ?? ('home'));
exit;
?>
CHANGE MAX UPLOAD FILESIZE
You can try it with .user.ini or .htaccess or ini_set(in your php script) For me .user.ini works perfectly
1. Create a new file(0644 on Linux) .user.ini on your webspace/working dir with max_execution_time = 10000 upload_max_filesize = 5000M post_max_size = 5000M
This is my config file .user.ini on my webspace and it works. You can change the values to your needs.
2. Create a new file(0644 on Linux) .htaccess on your webspace/working dir with php_value upload_max_filesize 1000M php_value post_max_size 1000M ! Don't forget the first dot/point at the beginning of the file.
3. Put this on the beginning of your php script
ini_set('upload_max_filesize', '1000M');
ini_set('max_execution_time', '1000');
ini_set('memory_limit', '128M');
ini_set('post_max_size', '1000M');
If this won't work(and you can't modify php.ini) than call your webhoster and ask him, what you can do :)
CHECK FOR DUPLICATE FILE WITH
$ sha1_file($file)
$ md5_file($file)
$ file_get_contents($file) Is SHA sufficient for checking file duplication? (sha1_file in PHP)
GET PATH OR FILE URL
echo __DIR__; echo __FILE__;
ternary operator
php short if/else PHP Shorthand If / Else Examples Shorthand comparisons in PHP
PHP ERROR HANDLING IN SCRIPT
Exceptions try{} catch{} finally{} Laufzeit-Konfiguration