|
|||||||||
|
|||||||||
|
|||||||||
| |
|||
 |
|
|
|
|
|||||||||
|
|||||||||
|
|||||||||
| |
|||
|
|
|
|
| |||||||||
 |
|
|
«
Previous Thread
|
Next Thread
»
|
Thread Tools | Search this Thread | Display Modes |
Dev Articles Community Forums Sponsor:
|
|
|
|
#1
June 29th, 2004, 10:05 AM
|
|||
|
|||
|
Security problems?
I'm new to php and have just started learning it yesterday. I want to use a switch to change files so that all of the pages can be integrated to one file that includes others. I just wanted to know if there are any possible security problems with this code:
Code:
<?php
function test1()
{
include ('test1.txt');
}
function test2(){
include ('test2.txt');
}
function test3(){
include ('test3.txt');
}
switch( $_GET['article'] ) {
case "test2":
test2();
break;
case "test3":
test3();
break;
default:
test1();
break;
}
?>
Thanks
|
|
#2
June 29th, 2004, 10:24 AM
|
|||
|
|||
|
Ok theres nothing wrong with this as such but theres a couple of issues I can think of.
1) Where you include the files you aren't testing to see if they actually exist so if an error occurs somewhere you won't know about it. 2) Since you are using a query string argument to determine which file you want to be displayed someone can edit the query string to get at any of the pages. This is fine if you don't wish to restrict access to any of them but if you do then this could present a problem. Hope this helps, -KM-
|
|
| Viewing: Dev Articles Community Forums > Programming > PHP Development > Security problems? |
| Thread Tools | Search this Thread |
| Display Modes | Rate This Thread |
|
|
 |
|
|
Del.icio.us
Digg
Google
Spurl
Blink
Furl
Simpy
Y! MyWeb
Linear Mode
