|
|
wicked...
That is slick
Cheers
How do I print my voice mail?
|
|
|
|
|
Hello,
i programmed a php based website for our company. Yesterday i was shocked to see that some polish hackers changed my index.php, but nothing else was touched. On their side they posted an article about this hack where they re talking about a php bug??
I took all php files from the server because i don't know wheres the security leak.
here is the code of index.php:
<br />
<br />
<?php<br />
<br />
include "header.inc.php";<br />
<br />
global $PHP_SELF;<br />
<br />
?><br />
<!--- main content ---><br />
<br />
<br />
<br />
<br />
<tr><td align=left><br />
<table width=800 cellspacing="0" cellpadding="0" border="1"><br />
<tr><br />
<td colspan="2" height="5"><img src="im/spacer.gif" height="5" width="1"></td><br />
</tr><br />
<tr><br />
<td colspan="2" height="40"><br />
<table width=800 height=100% cellspacing="0" cellpadding="0" border="0"><br />
<tr><br />
<td align="left"><?php echo"<a href=\"$PHP_SELF?lang=$lang&id=home.php\">";?><img src="im/3dswlogo.gif" border=0></a></td><br />
<td align="right"><?php echo "<img src=\"im/$description\">"; ?></td><br />
</tr><br />
</table><br />
</td></tr><br />
<tr><br />
<td colspan="2" height="40"><?php echo "<a class=linkgrey href=\"$PHP_SELF?id=home.php&lang=de\">deutsch</a><span class=linkgrey> / </span><a class=linkgrey href=\"$PHP_SELF?id=home.php&lang=en\">english</a> ";?></td><br />
</tr><br />
</table><br />
</td></tr><br />
<br />
<br />
<tr><br />
<td height="1" background="im/dot.gif"></td><br />
</tr><br />
<br />
<br />
<tr><td align=left><br />
<table width=800 cellspacing="0" cellpadding="0" border="1"><br />
<tr><br />
<td align=left height="20"><img src="im/phone.gif"> </td><br />
<td align="right" height="20"><?php echo"<a class=navi href=\"$PHP_SELF?lang=$lang&id=home.php\">$home";?></a> | <?php echo"<a class=navi href=\"$PHP_SELF?lang=$lang&id=kontakt.php\">$kontakt";?></a> | <?php echo"<a class=navi href=\"$PHP_SELF?lang=$lang&id=impressum.php\">$impressum";?></a> </td><br />
</tr><br />
</table><br />
</td></tr><br />
<br />
<br />
<tr><br />
<td height="1" background="im/dot.gif"></td><br />
</tr><br />
<br />
<br />
<tr><td align=left><br />
<table width=800 cellspacing="0" cellpadding="0" border="0"><br />
<tr><br />
<td colspan="2" height="40"><img src="im/spacer.gif" height="40" width="1"></td><br />
</tr><br />
<br />
<br />
<br />
<br />
<br />
<br />
<tr valign=top><br />
<br />
<td><br />
<br />
<table width=179 cellspacing="0" cellpadding="0" border="0" align=top"><br />
<tr><td align=right><br />
<?php<br />
echo" <map name=\"navi\">";<br />
echo" <area shape=\"RECT\" coords=\"71,257,71,257\">";<br />
echo" <area shape=\"RECT\" coords=\"147,30,147,30\">";<br />
echo" <area href=\"$PHP_SELF?lang=$lang&id=dienstleistungen.php\" coords=\"-5,6,151,78\">";<br />
echo" <area href=\"$PHP_SELF?lang=$lang&id=produkte.php\" coords=\"-5,98,151,182\">";<br />
echo" <area href=\"$PHP_SELF?lang=$lang&id=gallery.php\" coords=\"3,197,151,269\">";<br />
echo" <area href=\"$PHP_SELF?lang=$lang&id=news.php\" coords=\"-5,281,151,313\">";<br />
echo" <area href=\"$PHP_SELF?lang=$lang&id=jobs.php\" coords=\"-29,325,151,361\">";<br />
echo" </map>";<br />
<br />
?><br />
<br />
<br />
<?php echo "<img src=\"im/$navi\" width=\"179\" height=\"373\" border=\"0\" usemap=\"#navi\">"; ?> <br />
<br />
<br />
<br />
<br />
</td></tr><br />
<br />
<br />
<br />
</table><br />
<br />
<br />
</td><br />
<td align=left><br />
<br />
<?php<br />
<br />
if($id == FALSE){<br />
<br />
include "home.php";<br />
<br />
}<br />
else<br />
{<br />
<br />
include "$id";<br />
<br />
}<br />
<br />
?><br />
<br />
</td><br />
</tr><br />
</table><br />
<br />
<br />
<br />
<br />
<?php<br />
<br />
include "footer.inc.php";<br />
<br />
?><br />
any ideas??
Thanks, Mark
|
|
|
|
|
Format your code and use PRE tags.
Then i'll take a look
How do I print my voice mail?
|
|
|
|
|
|
Under most circumstances I would just ignore any post like that, but i'm curious to see if I can find the hole, so I kind of hope macmac38 updates the message.
How do I print my voice mail?
|
|
|
|
|
This has nothing to do with the security leak, but why don't you use HTML templates? Those make the script more readable, easier to read and look more professional...
A student knows little about a lot.
A professor knows a lot about little.
I know everything about nothing.
|
|
|
|
|
Hello all,
in the meantime i know where the leak is.
if($id == FALSE){
include "home.php";
}
else
{
include "$id";
}
this let you include any folder you like...
you see i also can format my posting
by the way do you know any good tutorials for php and html template working? I looked a some but this looks all like much script work in the background..
Thanks, Mark
|
|
|
|
|
Hello,
I've read a book on secure PHP development. The title: Secure PHP Development by Mohammed J. Kabir
The website:
www.wiley.com/compbooks/[^]
A student knows little about a lot.
A professor knows a lot about little.
I know everything about nothing.
|
|
|
|
|
Hi,
Can I use window.showmodal from c#?
Sombody help me?
|
|
|
|
|
No. That's a client-side DOM method. You can use C# to create a string that contains this method and output that in a control or page, but that's about the extent of it.
Michael Flanakin
Web Log
|
|
|
|
|
Hi,
I am trying to deploy an ASP application on Windows 2003 server. The application relies on RDS. Now in Windows 2000, I just create a virtual diretory of MSADC and it would work. Now in 2003, I am getting an error Internet Server Error: Object/module not
found. I have read that I just need to enable the web extension for MSADC, but it's still not working. There's somethign I read also that indicates that RDS has some security issues and probably fixed it. There's suppose to be a link to enable MSADC, but microsoft took it down or something like that. Does anyone know what's going on. Thanks,
|
|
|
|
|
I have a page that inserts a record into a SQL database. when on the development server and the development database this worked fine. I then moved everything to production and now it inserts 2 identical records into the database. I even tried pointing my dev code at the prod database and everything works fine. when I point the prod code at the dev database it inserts 2 records. the 2 sets of code are identical. Has anyone seen this before and if so do you have any possible solutions
Thanks,
Bill
|
|
|
|
|
Has anyone seen this before. Actually what is happening is that when I call my asp file that gets the data from the form and does the insert into the database the file is being called twice in production only once on the dev server. any suggestions.
Bill
|
|
|
|
|
Is there any code in the submit button? If yes, then does this javascript code include form.submit() statememt..?
If it does, then remove form.submit() line.
Om Prakash
|
|
|
|
|
How to write use case for a web portal ? How to start ?
Hi all this is Deeps..
|
|
|
|
|
Use cases are written the same, no matter what they are for. There may be some cases when you will find things that do/don't need to be in the use case, but for the most part, they're all the same.
Here's the basic content of an average use case, tho...
1. My Use Case
1.1 Brief Description
1.2 Workflow Diagram
1.3 Actors
2. Flow of Events
2.1 Basic Flow
2.2 Alternate Flows
2.2.1 Alternate Flow 1
2.2.2 Alternate Flow 2
2.2.3 ...
3. Special Requirements
4. Pre-Condition
4.1 Pre-condition 1
4.2 Pre-condition 2
4.3 ...
5. Extensions Points
5.1 Includes
5.2 Extends
Michael Flanakin
Web Log
|
|
|
|
|
Thanks It helped.
Thanks in advance
Deeps..
|
|
|
|
|
ok so i have a form that has a droplist in it
when the selection changes i want to fire the submit event
so i add this:
<form name='fp' method='post' action='blah.blah'>
<select name='fptype' onChange='document.fp.submit()'>
---
rest of form
---
</form>
and all i get is errors saying:
document.fp.submit is not a function
am i being an idiot or did something change when i wasnt looking?
"there is no spoon" biz stuff about me
|
|
|
|
|
uhm, I tried the exact code you described and it worked for me (in IE that is). Are you using a different browser?
As reference though, this is a more programatically correct approach:
<html>
<script language='javascript'>
<!--
function onchangeOptions()
{
var frm = document.getElementById("fp");
if (frm) frm.submit();
}
</script>
<body>
<form id='fp' name='fp' action='http://localhost' method='post'>
<select name='fptype' onChange='onchangeOptions()'>
<option>1</option>
<option>2</option>
</select>
</form>
</body>
</html>
We've included the id attribute for the <form> and so we can use:
getElementById DOM method
which is better than using the document.elementname approach as this searches through all the DOM collections. With multiple FORMs on the page (in my experience) the latter didn't always return the object, whereas the former does.
Anyway, hope this helps
Cheers,
Andy
|
|
|
|
|
thnx a lot for the post
i did fix it already tho and it was a dumb pfu
i had a button called submit on the form
doh!!
and yah its not just for ie
"there is no spoon" biz stuff about me
|
|
|
|
|
Never ever submit a form onchange of a select!
Reasons:
- the user is not able to select options with the keyboard
- when the user uses the mouse wheel and the
select has focus the form is again submitted by accident - the form will not be submitted if the user has JS disabled
Having that said here's another programatically correct approach:
<script type="text/javascript">
function doSubmit(frm) {
frm.submit();
}
</script>
...
<select onchange="doSubmit(this.form)">
|
|
|
|
|
I get this error everytime a page needs to return after a submission:
Response object error 'ASP 0156 : 80004005'
Header Error
/ok3/Discussion Pages/utils/Login.asp, line 68
The HTTP headers are already written to the client browser. Any HTTP header modifications must be made before writing page content.
Since I rode in on the short bus I can't figure it out. Please Advise.
William Hosack
|
|
|
|
|
Ahh this old chestnut. I'm going to take a stab in the dark here and say that you've got a Response.Redirect in the Login.asp file. This is getting called after you've written some data out to the client. There is a simple fix for this, just add
Response.Buffer = true at the top of the asp file and you should find that all will be well.
Setting Response.Buffer to true, tells asp to buffer all of the output until the page has been fully parsed and is ready to go. This means that if you make a change to the HTTP headers mid-page (Response.Redirect sends HTTP headers telling the browser that the requested item has been moved somewhere else [in this case wherever you Response.Redirected to]), asp will just issue out the final headers. Without buffered output, asp will have already sent an HTTP header saying that the resource was found as is following, then it will try to tell the browser that it moved (hence the error)
You will probably find that this page would work "as is" in IIS 5.0 as buffering is turned on by default, whereas in IIS 4.0 it was turned off.
If I'm wrong and this doesn't fix things for you, then please provide the broken code and I will try to help you further.
HTH
|
|
|
|
|
Anyone have a suggestion for a good FREE web anaylsis tool?
|
|
|
|