Mod-Jay Posted May 6, 2011 Share Posted May 6, 2011 Hello, i Want the following code and the Variable $page To load a file in a folder. And get all of its contents. How would i do this? <?php $page = "{$_GET['page']}"; if(md5($_GET['page'] == '')) { } ?> Link to comment https://forums.phpfreaks.com/topic/235662-suggestion-need-some-help/ Share on other sites More sharing options...
spiderwell Posted May 6, 2011 Share Posted May 6, 2011 if you want to read a file on your server use fopen() i linked a simple example not sure why you have md5 in your code, as thats for hashing passwords Link to comment https://forums.phpfreaks.com/topic/235662-suggestion-need-some-help/#findComment-1211259 Share on other sites More sharing options...
fugix Posted May 6, 2011 Share Posted May 6, 2011 yes, what is the purpose of the code that you posted mod-jay? Link to comment https://forums.phpfreaks.com/topic/235662-suggestion-need-some-help/#findComment-1211260 Share on other sites More sharing options...
Zurev Posted May 6, 2011 Share Posted May 6, 2011 No purpose to having md5 as I can see, assuming you mean include a php file based on $_get["page"].... $page = $_GET["page"]; // Includes whatever page they want, totally insecure! // Could send a GET request with page = http://mysite.com/totalhackz0rscript.php include($page); // So we'll use whitelisting $acceptablePages = array( "page1.php", "page2.php", "page3.php"); if (in_array($_GET["page"], $acceptablePages)) { include($_GET["page"]); } else { exit("The page you requested is not allowed."): } Link to comment https://forums.phpfreaks.com/topic/235662-suggestion-need-some-help/#findComment-1211262 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.