From owner-freebsd-questions@FreeBSD.ORG Wed Mar 23 17:18:02 2011
Return-Path:
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B1A01106566B for ; Wed, 23 Mar 2011 17:18:02 +0000 (UTC) (envelope-from editor@d3photography.com)
Received: from server.cwis.biz (70-89-202-5-invergrove-mn.hfc.comcastbusiness.net [70.89.202.5]) by mx1.freebsd.org (Postfix) with ESMTP id 830078FC14 for ; Wed, 23 Mar 2011 17:18:02 +0000 (UTC)
Received: from server.cwis.biz (localhost [127.0.0.1]) by server.cwis.biz (Postfix) with ESMTP id 502DA26399CB; Wed, 23 Mar 2011 12:18:24 -0500 (CDT)
X-Virus-Scanned: amavisd-new at cwis.biz
Received: from server.cwis.biz ([127.0.0.1]) by server.cwis.biz (server.cwis.biz [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ngqZQfx6IuYK; Wed, 23 Mar 2011 12:18:11 -0500 (CDT)
Received: from [192.168.46.76] (unknown [64.122.64.171]) by server.cwis.biz (Postfix) with ESMTPSA id A56E826399C7; Wed, 23 Mar 2011 12:18:10 -0500 (CDT)
Mime-Version: 1.0 (Apple Message framework v1082)
Content-Type: text/plain; charset=us-ascii
From: Ryan Coleman
In-Reply-To: <4D8A2A90.4040407@ifdnrg.com>
Date: Wed, 23 Mar 2011 12:17:45 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <8D24A40B-A76B-4753-9616-6CC57A597CDC@d3photography.com>
References: <20110323164504.GA25317@thought.org> <4D8A2A90.4040407@ifdnrg.com>
To: Paul Macdonald
X-Mailer: Apple Mail (2.1082)
Cc: Gary Kline , FreeBSD Mailing List
Subject: Re: why does this simple counter fail?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions
List-Unsubscribe: ,
List-Archive:
List-Post:
List-Help:
List-Subscribe: ,
X-List-Received-Date: Wed, 23 Mar 2011 17:18:02 -0000

On Mar 23, 2011, at 12:14 PM, Paul Macdonald wrote:

> On 23/03/2011 16:45, Gary Kline wrote:
>> Guys,
>>
>> Can any of you php hackers tell me why this simple self-hacked
>> counter bombs?
>>
>> appended.
>>
>> tia.
> $file doesn't look to be set anywhere
>
> if it's a web script (as opposed to cmd line cli) then it's probably passed as a POST or GET variable.
>
> register_globals needs to be on for this variable to be auto set,
>
> if the form is submitted via POST, change script to:
>
> $directory="./countdir/";
> $file=$_POST['file'];
> ....
>
> if the form is submitted via GET (you'd see the file=variable in the address bar), change script to:
>
> $directory="./countdir/";
> $file=$_GET['file'];
> ....
>
> Of course you want to sanitise this $file variable so that it can't be hacked.

Additionally you could do:

$file = $_SERVER['PHP_SELF'];

Which will tie the filename to the actual PHP file. But you might want to do something like...

$file = urlencode($_SERVER['REQUEST_URI']).".txt";

to make it the full url, safe vars for file names and add .txt to make it readable in other things not FreeBSD.
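Editor's added example, not Gary's appended script (which is not reproduced in the archive) and not code from either reply. It shows the counter pattern the thread is discussing, with `$directory` set to `./countdir/` as in Paul's snippet and the page name taken from a `file` request parameter: first the unchecked join that Paul warns needs sanitising, then a hardened version that whitelists the name, confirms the resolved path stays inside the counter directory, and increments under a file lock so concurrent hits do not lose counts. The `?file=NAME` parameter, the `.txt` suffix, the 64-character limit and the function names are assumptions made for the illustration; it targets PHP 7 or later.

```php
<?php
// Added example (editor's illustration, not the original poster's script).
// Assumptions: counts are plain-text files under ./countdir/ next to this
// script, and the page name arrives as ?file=NAME (GET or POST).

declare(strict_types=1);

$directory = __DIR__ . '/countdir/';

// UNSAFE: $file straight from the request, joined without any check.
// ?file=../../../etc/passwd or ?file=../index.php lets the client pick any
// path the web server user can read or write.
function unsafe_counter_path(string $directory, string $file): string
{
    return $directory . $file;
}

// HARDENED: accept only a short alphanumeric key (whitelist, not blacklist),
// then confirm the canonical path is still under $directory.
function safe_counter_path(string $directory, string $file): ?string
{
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}$/', $file)) {
        return null;                       // rejects "", ".", "..", "/", "%00", etc.
    }
    $base = realpath($directory);
    if ($base === false) {
        return null;                       // countdir/ does not exist
    }
    $path = $base . DIRECTORY_SEPARATOR . $file . '.txt';
    // Belt and braces: if the file already exists (it may be a symlink),
    // make sure where it really points is still inside $base.
    $real = realpath($path);
    if ($real !== false && strpos($real, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

// Read-increment-write under an exclusive lock. Two requests doing
// file_get_contents()/file_put_contents() back to back would race and
// drop a hit; flock() serialises them.
function bump_counter(string $path): int
{
    $fh = fopen($path, 'c+');             // create if missing, do not truncate
    if ($fh === false) {
        throw new RuntimeException('cannot open counter file');
    }
    try {
        if (!flock($fh, LOCK_EX)) {
            throw new RuntimeException('cannot lock counter file');
        }
        $count = (int) trim((string) stream_get_contents($fh)) + 1;
        ftruncate($fh, 0);
        rewind($fh);
        fwrite($fh, $count . "\n");
        fflush($fh);
        flock($fh, LOCK_UN);
    } finally {
        fclose($fh);
    }
    return $count;
}

// register_globals off (the default since PHP 4.2, removed in 5.4), so read
// the parameter explicitly, as Paul's reply shows.
$file = $_GET['file'] ?? $_POST['file'] ?? '';

// Alternative from Ryan's reply: tie the name to the script instead of
// trusting the client at all. basename() drops any directory part; __FILE__
// is preferred over PHP_SELF because PHP_SELF can carry client-supplied
// PATH_INFO (e.g. /counter.php/anything).
// $file = basename(__FILE__, '.php');

$path = safe_counter_path($directory, $file);
if ($path === null) {
    http_response_code(400);
    echo "bad counter name\n";
    exit;
}
echo bump_counter($path), "\n";
```

Two caveats on the `urlencode($_SERVER['REQUEST_URI']) . ".txt"` variant from the reply above: `urlencode()` does encode `/` (as `%2F`), so a traversal sequence cannot become a real path separator, but `REQUEST_URI` includes the query string, so every distinct URL a client invents (`/page.php?x=1`, `/page.php?x=2`, ...) creates a new file in `countdir/`, which is an easy way to fill a disk or an inode table. Whitelisting a short key, or deriving the name from the script itself, avoids both problems.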