Filesystem Security
Example 5-1. Poor variable checking leads to....
<?php
// remove a file from the user's home directory
// ($userfile is assumed to arrive with the same form submission)
$username = $_POST['user_submitted_name'];
$homedir = "/home/$username";
$file_to_delete = "$userfile";
unlink ("$homedir/$userfile");
echo "$file_to_delete has been deleted!";
?>
<?php
// removes a file from anywhere on the hard drive that
// the PHP user has access to. If PHP has root access:
$username = "../etc/";
$homedir = "/home/../etc/";
$file_to_delete = "passwd";
unlink ("/home/../etc/passwd");
echo "/home/../etc/passwd has been deleted!";
?>
Check all submitted variables.
<?php
// removes a file from the hard drive that
// the PHP user has access to.
$username = $_SERVER['REMOTE_USER']; // using an authentication mechanism
$homedir = "/home/$username";
$file_to_delete = basename("$userfile"); // strip paths
unlink ("$homedir/$file_to_delete");
$fp = fopen("/home/logging/filedelete.log", "a"); // log the deletion (append mode)
$logstring = "$username $homedir $file_to_delete\n"; // one entry per line
fputs ($fp, $logstring);
fclose($fp);
echo "$file_to_delete has been deleted!";
?>
<?php
$username = $_SERVER['REMOTE_USER']; // using an authentication mechanism
$homedir = "/home/$username";

// ereg() was removed in PHP 7; preg_match() with the D modifier keeps
// "$" anchored at the very end of the string.
if (!preg_match('#^[^./][^/]*$#D', $userfile))
    die('bad filename'); // die, do not process

if (!preg_match('#^[^./][^/]*$#D', $username))
    die('bad username'); // die, do not process
//etc...
?>
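The name filter above rejects path separators and leading dots, but a name that passes it can still be a symlink pointing outside the home directory. The following added example (not from the PHP manual) combines the filter with a realpath() containment check and runs it over constructed inputs; resolve_user_file() and the temporary sandbox layout are hypothetical, and it assumes PHP 7.1+ on a POSIX filesystem.

```php
<?php
// Added example, not from the PHP manual. resolve_user_file() and the
// temporary directory layout below are hypothetical names for illustration.

// Returns the canonical path of $file inside $base/$user, or null if any
// check fails. Combines the name filter with a realpath() containment test.
function resolve_user_file(string $base, string $user, string $file): ?string
{
    $name = '#^[^./][^/]*$#D';   // no leading dot, no slash anywhere
    if (!preg_match($name, $user) || !preg_match($name, $file)) {
        return null;
    }
    $home = realpath("$base/$user");
    $path = realpath("$base/$user/$file");   // false if it does not exist
    if ($home === false || $path === false) {
        return null;
    }
    // After symlinks are resolved the target must still sit under $home.
    if (strncmp($path, $home . DIRECTORY_SEPARATOR, strlen($home) + 1) !== 0) {
        return null;
    }
    return is_file($path) ? $path : null;
}

// Constructed sandbox so the checks can be exercised without touching /home.
$base = sys_get_temp_dir() . '/fs_demo_' . getmypid();
mkdir("$base/alice", 0700, true);
mkdir("$base/secret", 0700, true);
file_put_contents("$base/alice/notes.txt", "x");
file_put_contents("$base/secret/passwd", "x");
symlink("$base/secret/passwd", "$base/alice/link");   // escapes via symlink

$cases = [
    ['alice', 'notes.txt'],          // allowed
    ['alice', '../secret/passwd'],   // traversal in the file name
    ['../secret', 'passwd'],         // traversal in the user name
    ['alice', 'link'],               // name passes the regex, target is outside
    ['alice', "notes.txt\n"],        // trailing newline, rejected by the D flag
];
foreach ($cases as [$user, $file]) {
    $ok = resolve_user_file($base, $user, $file);
    printf("%-10s %-18s %s\n", $user, addcslashes($file, "\n"), $ok ? 'allow' : 'deny');
}
// Clean up the sandbox.
unlink("$base/alice/link"); unlink("$base/alice/notes.txt"); unlink("$base/secret/passwd");
rmdir("$base/alice"); rmdir("$base/secret"); rmdir($base);
```

Only the first case resolves to a path; a caller would pass that returned path, not the raw request value, to unlink().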