PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!
. ї+]
.. ї+]
css
Warning: filemtime(): Stat failed for css (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for css (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
db.php
Warning: filemtime(): Stat failed for db.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for db.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
directions.php
Warning: filemtime(): Stat failed for directions.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for directions.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
email.php
Warning: filemtime(): Stat failed for email.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for email.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
gallery.php
Warning: filemtime(): Stat failed for gallery.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for gallery.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
index.php
Son Değiştirilme: 30.03.2004
Dosya Boyutu: 0.043 kB
interface
Warning: filemtime(): Stat failed for interface (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for interface (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
links.php
Warning: filemtime(): Stat failed for links.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for links.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
managersroom
Warning: filemtime(): Stat failed for managersroom (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for managersroom (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
newspics
Warning: filemtime(): Stat failed for newspics (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for newspics (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
search.php
Warning: filemtime(): Stat failed for search.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for search.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
squad.php
Warning: filemtime(): Stat failed for squad.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for squad.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
training.php
Warning: filemtime(): Stat failed for training.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 27
Son Değiştirilme: 01.01.1970
Warning: filesize(): Stat failed for training.php (errno=2 - No such file or directory) in C:\web\dizin.php on line 33
Dosya Boyutu: 0 kB
Hi, I just wanted to let you see the last version of my class.
I want to put this here, because I want to get some thought and reviews about it. Recommendations, Advantages,Disadvantages of using this, Bugs, etc..
Ok, now the final question =) Do you really want to show your users all the dirs your webservers has access to? =)
Approx a week ago I've seen a similar script in the thread about directory size calculation. Finally the topic starter invited everyone to see that script 'in action' and posted demo login and password. Guess what =) It took me about the 15 minutes to gain the full access to his site.
Such a scripts as directory browsers, online editors etc often create a hole in site security and should be developed with security in mind (or not developed at all).
Make sure that it's impossible to pass the relative path (with .. in it) to your class. Always prepend the path with './' (or some other path prefix) to make it impossible to user to pass the, say, '/home/your/personal/hidden/dir/' in dizin_goster GET variable...
i am thinking abut this security thing now.
well i can do this to customize users which folders are not authorized to be seen. and if $dizin_goster points these folders -> shows error...
what do you think? or do you have any suggestrions for more security?
mudkicker wrote:...which folders are not authorized to be seen...
I'd rather suggest to make the list of folders which user is authorized to see. Or you're putting yourself in danger to forget someday to restrict access to newly created folder.