[2006-05-13 16:53 UTC] pajoye@php.net
[2006-05-13 17:01 UTC] tim dot site at gmail dot com
Copyright © 2001-2025 The PHP Group. All rights reserved.
Last updated: Thu Dec 04 00:00:02 2025 UTC
Description:
------------
opendir() lets users browse all files on the server, even the ones of other hard disks and files in the htdocs list. Is this a bug? This is very bad for the server security.

Reproduce code:
---------------
<?php
// Builds an HTML <select> element listing the regular files found in $dir.
function select_files($dir, $label = "", $select_name = "", $curr_val = "", $char_length = 30) {
    $teller = 0;        // number of files added to the list
    $files = array();   // directory entries returned by readdir()
    $mydir = "";        // generated HTML
    if ($handle = opendir($dir)) {
        $mydir = ($label != "") ? "<label for=\"".$select_name."\">".$label."</label>\n" : "";
        $mydir .= "<select name=\"".$select_name."\">\n";
        $curr_val = (isset($_REQUEST[$select_name])) ? $_REQUEST[$select_name] : $curr_val;
        $mydir .= ($curr_val == "") ? " <option value=\"\" selected>...\n" : "<option value=\"\">...\n";
        while (false !== ($file = readdir($handle))) {
            $files[] = $file;
        }
        closedir($handle);
        sort($files);
        foreach ($files as $val) {
            if (is_file($dir.$val)) { // show only real files (ver. 1.01)
                $mydir .= " <option value=\"".$val."\"";
                $mydir .= ($val == $curr_val) ? " selected>" : ">";
                $mydir .= (strlen($val) > $char_length) ? substr($val, 0, $char_length)."...\n" : $val."\n";
                $teller++;
            }
        }
        $mydir .= "</select>";
    }
    // Return the message when nothing was listed (the original assigned it but never returned it).
    if ($teller == 0) {
        return "No files!";
    }
    return $mydir;
}
echo select_files("C:/winnt/", "", "", "", "60");
?>

Expected result:
----------------
I expect an error because I entered a folder that should not be visible for other users

Actual result:
--------------
I see the files of the C:/winnt dir, but other files on other hard disks are also possible to see. Even the files in the htdocs directory are visible, so I can see the files of other users.
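
The report above hands an arbitrary path straight to opendir(). The following is an added example, not part of the original report, showing an application-level check that only lists a directory when it resolves inside an allowed base; the function name list_files_confined() and the temporary directory layout are hypothetical and constructed for the demonstration.

```php
<?php
// Added example: hypothetical helper, not code from the bug report.
// Lists regular files in $requested only if it resolves inside $base.
function list_files_confined(string $base, string $requested): array
{
    $baseReal = realpath($base);
    $dirReal  = realpath($requested); // resolves ".." and symlinks; false if missing
    if ($baseReal === false || $dirReal === false || !is_dir($dirReal)) {
        throw new RuntimeException("directory not available");
    }
    // Compare with a trailing separator so "htdocs" does not match "htdocs-old".
    $prefix = rtrim($baseReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    $inside = strncmp($dirReal . DIRECTORY_SEPARATOR, $prefix, strlen($prefix)) === 0;
    if ($dirReal !== $baseReal && !$inside) {
        throw new RuntimeException("directory outside allowed base");
    }
    $files = [];
    foreach (scandir($dirReal) as $entry) {
        if (is_file($dirReal . DIRECTORY_SEPARATOR . $entry)) {
            $files[] = $entry;
        }
    }
    return $files;
}

// Constructed sample layout in the system temp directory.
$root = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'confine_demo_' . getmypid();
mkdir("$root/htdocs/user_a", 0700, true);
mkdir("$root/htdocs-old", 0700, true);
file_put_contents("$root/htdocs/user_a/index.php", "");
file_put_contents("$root/htdocs-old/secret.txt", "");

$base = "$root/htdocs";
$requests = [
    "$root/htdocs/user_a",        // inside the base: listed
    "$root/htdocs/user_a/../..",  // climbs above the base: rejected
    "$root/htdocs-old",           // sibling sharing the name prefix: rejected
];
foreach ($requests as $dir) {
    try {
        echo $dir, " => ", implode(", ", list_files_confined($base, $dir)), "\n";
    } catch (RuntimeException $e) {
        echo $dir, " => rejected: ", $e->getMessage(), "\n";
    }
}
```

PHP's open_basedir ini directive applies the same kind of confinement at the engine level, so opendir() and the other file functions fail for paths outside the configured directory tree.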