Zoltán Németh wrote:
> On Friday, 2007-06-15 at 14:45, Ross wrote:
>> I have a display_image.php page
>>
>> <?php
>>
>> $image = imagecreatefromjpeg($img_url);
>
> where do you get $img_url from? GET request?
> then do something like
>
> $img_url = $_GET['img_url'];
> if (!file_exists($img_url)) die("bad hacker");

I have /etc/passwd on my system - I'd rather not have the potential for some hacker to abuse a bug in GDlib that allows extraction/output of arbitrary files ...

SO ... although Zoltan (I can't f-ing remember which is your first name, because first came last, and then it might have been switched for the benefit of Americans who can't grasp that some people somewhere actually do things differently, but then again it might not have been - oh, and you can forget the diacritics - I'm just too lazy ;-)) is right in that you should check the requested $img_url, I would add that the checks/constraints should be much more rigid, e.g.:

$file = '/path/to/my/image/store/'.basename($_GET['img_url']);
if (!file_exists($file)) die("ya momma.");

-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
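The point of the reply is that `file_exists($_GET['img_url'])` on its own accepts `/etc/passwd` or `../../etc/passwd` just as happily as a real image name, so the file name must be confined to the image store before it ever reaches GD. The following is an added example of what the "more rigid" display_image.php might look like; it is not code from the thread. The store path, the `img` query parameter, and PHP 7.1 or later are assumptions.

```php
<?php
// Added example, not from the original thread: a confined display_image.php.
// Assumptions: JPEG files live under IMAGE_STORE (hypothetical path) and the
// client requests them as display_image.php?img=photo.jpg

const IMAGE_STORE = '/path/to/my/image/store';

/**
 * Map user input to a real JPEG file inside $store, or return null.
 */
function resolve_image(string $userInput, string $store = IMAGE_STORE): ?string
{
    // basename() drops every directory component, so "../../etc/passwd"
    // and "/etc/passwd" both collapse to "passwd" and cannot leave $store.
    $name = basename($userInput);

    // Allowlist the name itself: no dotfiles, only [A-Za-z0-9_-] plus .jpg/.jpeg.
    if (!preg_match('/\A[A-Za-z0-9_-]+\.jpe?g\z/i', $name)) {
        return null;
    }

    // realpath() returns false for a missing file (this replaces file_exists)
    // and resolves symlinks, so a store entry that is a symlink to a file
    // elsewhere ends up with a path outside $store and fails the check below.
    $storeReal = realpath($store);
    $fileReal  = realpath($store . DIRECTORY_SEPARATOR . $name);
    if ($storeReal === false || $fileReal === false) {
        return null;
    }
    $prefix = $storeReal . DIRECTORY_SEPARATOR;
    if (strncmp($fileReal, $prefix, strlen($prefix)) !== 0) {
        return null;
    }

    // Check content, not just the name: a renamed /etc/passwd is not a JPEG,
    // and getimagesize() does not need GD or the exif extension.
    $info = is_file($fileReal) ? getimagesize($fileReal) : false;
    if ($info === false || $info[2] !== IMAGETYPE_JPEG) {
        return null;
    }

    return $fileReal;
}

$file = resolve_image($_GET['img'] ?? '');
if ($file === null) {
    http_response_code(404);
    exit('no such image');
}

$image = imagecreatefromjpeg($file);
if ($image === false) {
    http_response_code(500);
    exit('could not decode image');
}

header('Content-Type: image/jpeg');
imagejpeg($image);
imagedestroy($image);
```

With this in place `?img=/etc/passwd` and `?img=../../etc/passwd` both become the name `passwd`, fail the extension allowlist, and never reach `imagecreatefromjpeg()`; a file that is in the store but is not actually a JPEG is rejected by the `getimagesize()` check rather than being handed to the decoder.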