Original geschrieben von Truncate
Nehme die Array-Variante...
Nehme die Array-Variante...
../../../etc/passwd%00
$valid_sites = array('home','impressum','foo');
if(isset($_GET['go']) AND in_array($_GET['go'], $valid_sites)){
include('../includes/inc.'.$_GET['go'].'php');
}else{
include('../includes/inc.home.php');
}
if(isset($_GET['go']))
{ if(file_exists("php/".$_GET['go'].".php"))
{
include("php/".$_GET['go'].".php");
}
else
{
include("php/home.php");
}
}
else
{include("php/home.php");}
if(isset($_GET['go']) && if(file_exists("php/".$_GET['go'].".php"))
Einen Kommentar schreiben: