Karl,

Some simple checks on $contpath could solve your problem. Make sure that:

- it doesn't start with a /
- it doesn't contain /../
- it doesn't contain a double slash //

or make sure the URL fopen wrapper is disabled:
http://nl3.php.net/manual/en/ref.filesystem.php#ini.allow-url-fopen

Usually $contpath = str_replace('/', '', $contpath); takes care of everything.

On 04/09/07, Karl-Heinz Schulz <karlheinz@xxxxxxxxxxxx> wrote:
>
> It was possible to call up external includes using the code below, which
> resulted in the server being used to send out spam.
>
> How can I protect the code?
>
> TIA
>
> <?php
> session_start();
>
> //-----------------------------------------------------------------------------------------------
> // index.php
> //-----------------------------------------------------------------------------------------------
> include("../inc/const.php");
> include("../inc/mysql.php");
> $menu=2;
> include("../inc/static.php");
> //include("../inc/prolog.php");
> $base = getenv("SERVER_NAME").getenv("SCRIPT_NAME");
> //$menu = $HTTP_GET_VARS['menu'];
> $submenu_list = $HTTP_GET_VARS['submenu_list'];
> $contfile = $HTTP_GET_VARS['contfile'];
> $id = $HTTP_GET_VARS['id'];
> $stk = $HTTP_GET_VARS['stk'];
> $contpath = $HTTP_GET_VARS['contpath'];   // taken straight from the query string, never validated
> if ($contpath=="")
> { $contpath="./"; }
> ?>
> <html>
> <head>
> <title>Neuer Wissenschaftlicher Verlag - <?php print $typ_subnav[$menu]?></title>
> <script language="javascript" SRC="../js/rollover.js"></script>
> <link rel="stylesheet" href="../css/bor.css">
> </head>
> <body bgcolor="#ffffff" topmargin="0" leftmargin="0" marginheight="0" marginwidth="0" link="#006666" vlink="#006666" alink="#006666">
> <table height="100%" width="100%" topmargin="0" cellspacing="0" cellpadding="0" border="0">
> <tr valign="top" height="105">
> <td colspan="3" valign="top">
> <? include("../inc/prolog.php");?>
> </td>
> </tr>
> <tr valign="top" height="30">
> <td valign="top" height="30" background="../../img_pool/bg_left_right.gif"><? include("../inc/leftmenu.php");?></td>
> <td width="100%"> </td>
> <!-- here is the right column with the background -->
> <!-- <td height="30" background="../../img_pool/bg_left_right.gif"><img src="../img/trans.gif" width="180" height="1"></td> -->
> </tr>
> <tr valign="top">
> <td valign="top" background="../../img_pool/bg_left_right.gif"><?php nav_menupic($menu);?>
> <?php
> //----------------------------------------------------------------------------------------
> // Subnavigation
> //----------------------------------------------------------------------------------------
> include("../inc/subnav.php");
> ?>
> </td>
> <!-- END LEFT-NAV -->
> <td valign="top">
> <?php include($contpath . "/content.php");?>   <!-- the unvalidated $contpath is used as an include path here -->
> <!-- END CONTENT -->
> </td>
>
> <?//php include("../inc/epilog.php");
> ?>
> </tr>
> </table>
>
> </body>
>
> </html>
>

--
Interpotential.com
Phone: +31615397471
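A hardened replacement for the include line, added here as an example and not code from either poster: it allows only a single plain directory name, resolves it with realpath() under a fixed content root, and refuses anything else. The content/<name>/content.php layout, the "default" section name and the use of $_GET instead of $HTTP_GET_VARS are assumptions of this example.

```php
<?php
// Added example, not from the original thread. Hardened replacement for
//   include($contpath . "/content.php");
// Assumed layout: each section lives in content/<name>/content.php below
// this script's directory; only such a <name> may be supplied by the client.

function resolve_content_file(string $root, string $contpath): ?string
{
    // Refuse empty input and NUL bytes before touching the filesystem.
    if ($contpath === '' || strpos($contpath, "\0") !== false) {
        return null;
    }
    // Allow only a single plain path segment: no slashes, no dots, so neither
    // "../" nor a stream wrapper such as "http://" can ever be formed.
    if (!preg_match('/^[A-Za-z0-9_-]{1,64}$/', $contpath)) {
        return null;
    }
    $candidate = realpath($root . DIRECTORY_SEPARATOR . $contpath
                          . DIRECTORY_SEPARATOR . 'content.php');
    if ($candidate === false) {
        return null;                           // section does not exist
    }
    // Defence in depth: the resolved path (symlinks followed) must still be
    // inside the content root.
    if (strpos($candidate, $root . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $candidate;
}

$content_root = realpath(__DIR__ . '/content');   // assumed directory
if ($content_root === false) {
    http_response_code(500);
    exit('content root missing');
}

// $_GET replaces the long-deprecated $HTTP_GET_VARS used in the original.
$contpath = isset($_GET['contpath']) ? (string) $_GET['contpath'] : 'default';
$file = resolve_content_file($content_root, $contpath);
if ($file === null) {
    http_response_code(404);
    exit('unknown content section');
}
include $file;
```

Independently of this check, setting allow_url_include=Off (PHP 5.2 and later) stops include() from fetching URLs at all, regardless of the allow_url_fopen setting mentioned above.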