WEB安全系列之如何挖掘任意檔案讀取漏洞
阿新 • • 發佈:2018-12-23
-
$fp="../template/".$siteskin."/area_show.htm";
-
$f = fopen($fp,'r');
-
$strout = fread($f,filesize($fp));
-
fclose($f);
-
$strout=str_replace("{#siteskin}",$siteskin,$strout) ;
-
$strout=str_replace("{#sitename}",sitename,$strout) ;
-
$strout=str_replace("{#siteurl}",siteurl,$strout) ;
-
$strout=str_replace("{#pagetitle}",$province.sitetitle,$strout);
-
$strout=str_replace("{#pagekeywords}",$province.sitekeyword,$strout);
-
$strout=str_replace("{#pagedescription}",sitedescription,$strout);
-
$strout=str_replace("{#province}",$province,$strout) ;
-
$strout=str_replace("{#sitebottom}",sitebottom(),$strout);
-
$strout=str_replace("{#sitetop}",sitetop(),$strout);
-
$strout=showlabel($strout);
- echo $strout;