After reading the relevant threads about secure includes, I've made some changes to mine. Could readers tell me whether the following include script (which includes a particular page of an article) and navigation script (which provides navigation for the article) are in any way vulnerable?
include script
// Page loader for the article. The "page" query parameter only selects a
// branch; it is never concatenated into a file name. Every path handed to
// require_once is either a string literal or built from the loop counter $i
// (1 and 2), so a crafted ?page= value cannot steer the include to another
// file. Keep that property when adding pages: extend the fixed list, do not
// build the path from the request value.
//
// The comparisons are loose (==), exactly like the switch they replace, so a
// numeric spelling such as "2.0" still selects page 2.
//
// NOTE(review): the @ operator asks PHP to silence diagnostics from each
// require_once, so a missing page file gives no message - confirm that this
// is wanted and that failures are logged somewhere.
if (empty($_GET['page'])) {
    // No page requested: show the first page.
    @require_once("1.htm");
} elseif ($_GET['page'] == "2") {
    @require_once("2.htm");
} elseif ($_GET['page'] == "all") {
    // Whole article: load each page in order.
    $i = 1;
    while ($i < 3) {
        @require_once("$i.htm");
        $i++;
    }
} else {
    // "1" and every unrecognised value end up on the first page.
    @require_once("1.htm");
}
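// Navigation for the article: prints one <li> per view ("all", 2, 1) and
// shows the active view as plain text instead of a link.
//
// Security note: the request value is only compared against fixed literals
// and is never echoed. Every label and href below comes from the hard-coded
// list, so nothing from the query string reaches the HTML. Keep it that way:
// print the literal label, never $_GET['page'].
//
// Changes from the earlier version:
//  - The active view is resolved once, with the same loose matching the
//    include script's switch uses ("2", "all", anything else -> page 1), so
//    the highlighted entry always agrees with the page that script loads.
//    Previously a value such as "1.5" passed the numeric range test and
//    produced a menu with no active entry.
//  - $_GET['page'] is no longer overwritten with null, so code that runs
//    after the menu still sees the value the visitor requested.
//  - The final branch tested "!== 'all'" joined with ||, which is always
//    true at that point; the fallback is now explicit.
$navCurrent = "1";
if (!empty($_GET['page'])) {
    if ($_GET['page'] == "2") {
        $navCurrent = "2";
    } elseif ($_GET['page'] == "all") {
        $navCurrent = "all";
    }
}

// Fixed menu order, matching the original output: all, 2, 1.
foreach (array("all", "2", "1") as $navLabel) {
    if ($navLabel === $navCurrent) {
        echo "<li>$navLabel</li>\n";
    } else {
        echo "<li><a href='?page=$navLabel'>$navLabel</a></li>\n";
    }
}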