why does this simple counter fail?
Paul Macdonald
paul at ifdnrg.com
Wed Mar 23 17:15:01 UTC 2011
On 23/03/2011 16:45, Gary Kline wrote:
> Guys,
>
> Can any of you php hackers tell me why this simple self-hacked
> counter bomb?
>
> appended.
>
> tia.
$file doesn't look to be set anywhere
if its a web script ( as opposed to cmd line cli) tyhen its probably
passed as a POST or GET variable.,
register_globals needs to be on for this variable to be auto set,
if the form is submitted via POST, change script to:
$directory="./countdir/";
$file=$_POST['file'];
....
if the form is submitted via GET (you'd see the file=variable in the address bar), change script to:
$directory="./countdir/";
$file=$_GET['file'];
....
Of course you want to sanitise this $file variable so that it can't be hacked.
--
-------------------------
Paul Macdonald
IFDNRG Ltd
Web and video hosting
-------------------------
t: 0131 5548070
m: 07534206249
e: paul at ifdnrg.com
w: http://www.ifdnrg.com
-------------------------
IFDNRG
40 Maritime Street
Edinburgh
EH6 6SA
-------------------------
More information about the freebsd-questions
mailing list