One very important point: if you are using files with PHP, avoid retrieving the filename from external sources, such as user input or cookies. This might allow users to inject dangerous code into your website or force you to load files you did not want to open. Some so-called security experts had a self-programmed content management system that created uniform resource locators (URLs) like this: index.php?page=subpage.html. This just loaded the page subpage.html into some kind of page template and sent this to the browser. But what if the following URL is called: index.php?page=../../../etc/passwd? With some luck (or bad luck, depending on your point of view), the contents of the file /etc/passwd are printed out in the browser. This kind of attack, a so-called directory traversal attack, is quite common on the Web. However, you can avoid becoming a victim in several ways:
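The following is an added example, not code from the book: it shows the vulnerable pattern described above next to two ways of loading the page safely (an allow-list of known page names, and canonicalising the path with realpath() and checking it stays inside the pages directory). The `$_GET['page']` parameter and the `pages/` directory are assumptions for illustration.

```php
<?php
// Added example: the vulnerable include pattern, then two safe alternatives.
// $_GET['page'] and the "pages/" directory are assumed for illustration.

// VULNERABLE: the filename comes straight from user input, so a value such as
// "../../../etc/passwd" walks out of the pages directory.
function loadPageUnsafe(string $page): string
{
    return file_get_contents('pages/' . $page);
}

// SAFE 1: allow-list. Only names listed in the map are ever opened;
// anything else gets a 404 instead of a file read.
function loadPageAllowlisted(string $page): string
{
    $allowed = [
        'home'    => 'home.html',
        'about'   => 'about.html',
        'contact' => 'contact.html',
    ];
    if (!isset($allowed[$page])) {
        http_response_code(404);
        return 'Unknown page';
    }
    return file_get_contents('pages/' . $allowed[$page]);
}

// SAFE 2: canonicalise and confine. basename() drops any directory part,
// realpath() resolves ".." and symlinks, and the final check refuses any
// resolved path that does not lie under the pages directory.
function loadPageConfined(string $page): string
{
    $base   = realpath(__DIR__ . '/pages');
    $target = realpath($base . '/' . basename($page));
    // realpath() returns false for a missing file or directory.
    if ($base === false || $target === false
        || strncmp($target, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        http_response_code(404);
        return 'Unknown page';
    }
    return file_get_contents($target);
}

$page = $_GET['page'] ?? 'home';
echo loadPageAllowlisted($page);
```

The allow-list is the simplest and strongest option when the set of pages is known in advance; the realpath() check is the fallback when pages are added to the directory without touching the code.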