Play SAH Search Log in Register / Forams
SUPERJER FORAMS

PHP include thing and Hackingness and Not-accessingness

PHP include thing and Hackingness and Not-accessingness

if( while ) switch{ coding } ++ — Page [1]
molkman
Owner of George Washington's Prototype Mittens

Marine Warfare Corporal
Find the Hole Participation Medal
Find the Hole II Participation Medal
Tasty Br�twurst Medal
2005 May 2 • 2066
404 ₧
Hokays, I got this tasty simple PHP script:

<?php
include "bambizzle.htm"
?>

Is it possible to hack it? Because our site is always hacked, that's why we don't have much PHP in it. :/

Also, how can I "lock" folders and such for other people? Like, how can I deny access to like, parts of my site like http://www.exotworking.com/files/ ? Like superjer has it on his site, that a deny-ing page pops up or something. So people can't download the .html and .php files to check stuff.
LET LOVE REIGN
 
 
 
2008 Dec 30 at 05:24 PST — Ed. 2008 Dec 30 at 05:24 PST
Yankes
Spawnbox
2008 Dec 28 • 10
just use .htaccess!
google it
 
 
 
2008 Dec 30 at 16:48 PST
SuperJer
Websiteman

2005 Mar 20 • 6629
molkman said:
Also, how can I "lock" folders and such for other people? Like, how can I deny access to like, parts of my site like http://www.exotworking.com/files/ ? Like superjer has it on his site, that a deny-ing page pops up or something. So people can't download the .html and .php files to check stuff.


1.) In Apache get rid of Options Indexes.
2.) OR just put a blank index.htm or .php in there.
 
 
 
2008 Dec 31 at 21:25 PST
SuperJer
Websiteman

2005 Mar 20 • 6629
molkman said:
<?php
include "bambizzle.htm"
?>

Is it possible to hack it? Because our site is always hacked, that's why we don't have much PHP in it. :/


There's nothing hackable about that code. It isn't even processing any user input so there's no room for exploits.

Alternatively, if it was: include $_GET['something']; it would be very hackable.
 
 
 
2008 Dec 31 at 21:27 PST — Ed. 2008 Dec 31 at 21:29 PST
molkman
Owner of George Washington's Prototype Mittens

Marine Warfare Corporal
Find the Hole Participation Medal
Find the Hole II Participation Medal
Tasty Br�twurst Medal
2005 May 2 • 2066
404 ₧
Hokays, thanks, that's all that I needed.
LET LOVE REIGN
 
 
 
2009 Jan 1 at 13:34 PST
ReviveJer
2009 Nov 27 • 11
Truck revived.
Reviving old trucks is my profession.
 
 
 
2009 Nov 28 at 00:00 PST
Page [1]