cixdk
-
Posts
7 -
Joined
-
Last visited
Never
Posts posted by cixdk
-
-
-
My website is warptweet.com, and I'm working on a new version.
The new version is http://www.warptweet.com/a-new
Can somebody try and download/steal a flash game from my site? I implemented some .htaccess to try and prevent hotlinking or downloading. Can somebody try and bypass this security, and give me suggestions on how to tighten the security?
I went to your site http://www.warptweet.com/a-new, clicked on Elastic Soccer. Looked at page source, pulled swf/elasticsoccer.swf from it went to http://www.warptweet.com/a-new/swf/elasticsoccer.swf then clicked File>Save
Page As. Uploaded it to my site. http://cixdev.info/elasticsoccer.swf . Seemed to be real easy actually, I don't know much about how you can secure it though.
-
So I re-worked it, and decided using $_get and a simple link would be a whole lot easier. Still accomplishes what I wanted too!
<?php $file = $_GET['file']; $upload_dir = './uploads/'; $file_path = $upload_dir . $file; if(is_file($file_path)) { unlink($file_path); echo "File " . $file . " deleted."; } $path = "./uploads/"; $dir_handle = opendir($path) or die("Unable to open $path"); echo "Files in this Directory: <br/>"; while ($file = readdir($dir_handle)) { if($file!="." && $file!="..") { echo "<img src='http://cixdev.info/uploads/$file' height='50' width='50' alt='$file'/> <a href='http://cixdev.info/uploads/$file'>http://cixdev.info/uploads/$file</a> <a href='http://cixdev.info/list.php?file=$file'>Delete</a><br> "; } } closedir($dir_handle); ?> -
What's this: $_POST[$file];
Where is $file set?
There's no point in sending a form when you don't know what the names of the fields are going to be. The values should be variable not the field names.
$file is set by the name of the file, so for the check boxes name=$file; make the name of checkbox the same name as the file? so if a check box was checked named corresponding to a file you wish to delete, you would be passing the name of the file to delete $_POST[$file]
I am probably completely wrong though.
-
What would be even more helpful is the error text. Do you have sufficient permissions for the directory/files?
Maybe I worded it wrong, I do not get any errors.
-
Spent a good 3-4 hours playing around still can't get this to work properly. I'm fairly new to php in general.
Purpose of code: Read files in a directory and display image icon, name, and a checkbox. The check box is to delete the images. It works fine except it doesn't delete any selected files, or give me an error. Any help would be.. well helpful
<?php $path = "/home/cix/public_html/uploads"; $dir_handle = @opendir($path) or die("Unable to open $path"); echo "Files in this Directory: <form enctype='multipart/form-data' action='list.php' method=POST><br/>"; while ($file = readdir($dir_handle)) { if($file!="." && $file!="..") echo " <img src='http://cixdev.info/uploads/$file' height='50' width='50' alt='$file'/> <a href='http://cixdev.info/uploads/$file'>http://cixdev.info/uploads/$file</a> <input type=checkbox name=$file><br/> "; } echo "<input type=submit name='GO'></form>"; closedir($dir_handle); if(isset($_POST[$file])) { $checkbox = $_POST[$file]; if($checkbox == on) { if(!unlink($file)) die("Couldn't Delete file"); } } ?>
Try Leeching a Game!
in Beta Test Your Stuff!
Posted
I think the hotlinking appears to work if you've previously loaded the swf file. However if you close your browser, re-open then go to your page it doesn't work.