ID: 12158
Updated by: stas
Reported By: [EMAIL PROTECTED]
Old Status: Open
Status: Closed
Bug Type: Strings related
Operating System: Win2K
PHP Version: 4.0.6
New Comment:
The code you get is:
strstr($filename,".htm") || strstr($filename,".asp")
this is not a valid code block for eval. If you add "return " before it and ";" after
it, it should work then.
Previous Comments:
------------------------------------------------------------------------
[2001-07-13 20:58:01] [EMAIL PROTECTED]
<?php
$extensions=array(".htm",".asp");
$x="";
$numargs=count($extensions);
for ($i=0;$i<=$numargs-1;$i++){
$x=$x."strstr(\$filename,\"".$extensions[$i]."\")";
if ($numargs>0 && $i!=$numargs-1){
$x=$x." || ";
}
}
$validExtensions=$x;
echo $validExtensions;
$handle=opendir('.');
while (($filename = readdir($handle))!==false) {
if (is_file($filename)){
$fd = fopen ($filename, "rb");
$contents = fread ($fd, filesize ($filename));
if (eval($validExtensions)){
echo $filename."<br>";
}
fclose ($fd);
}
}
closedir($handle);
?>
------------------------------------------------------------------------
Edit this bug report at http://bugs.php.net/?id=12158&edit=1
--
PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
