Re: file_exists

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Ronald Wiplinger wrote:
Stut wrote:
Philip Thompson wrote:
I've run into similar problems where I *thought* I was looking in the
correct location... but I wasn't. Take this for example....

<?php // index.php?page=hello/hi
$page = $_GET['page'];
if (file_exists ("$page.php")) {
    include ("$page.php");
}
?>
I really hope this is not a piece of production code. If it is then
you might want to think very hard about what it's doing. If you still
can't see a problem let me know!

Ok, I let you know! I don't see it!

I tried the full path like:

if (file_exists('/srv/www/xxxx/dddd/htdocs/images/pic412.jpg')) {
    echo "<IMG SRC='images/pic412.jpg'>";
} else {
    echo "&nbsp;"                   //    display space to make a table happy if picture is missing!
}


I also tried it with that line:
if (file_exists('/images/pic412.jpg')) {

or that line:
if (file_exists('images/pic412.jpg')) {


Basically I just want to avoid to show a "missing picture" ! If there is another solution for that problem I am happy too.

bye

Ronald

I believe Stut was referring to the RFI vulnerability in that example not your ability to see the problem. Go to the web page that you're having the issue with and look at the page source from the browser. Find the img tag and see what is src="" and try to goto that file in your browser. Also can you use a pastebin and post your code and give his the url to the site in
question?

William Betts

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux