<?php define( 'DVWA_WEB_PAGE_TO_ROOT', '../../' ); require_once DVWA_WEB_PAGE_TO_ROOT . 'dvwa/includes/dvwaPage.inc.php'; dvwaPageStartup( array( 'authenticated', 'phpids' ) ); $page = dvwaPageNewGrab(); $page[ 'title' ] = 'Vulnerability: File Inclusion' . $page[ 'title_separator' ].$page[ 'title' ]; $page[ 'page_id' ] = 'fi'; $page[ 'help_button' ] = 'fi'; $page[ 'source_button' ] = 'fi'; dvwaDatabaseConnect(); $vulnerabilityFile = ''; switch( $_COOKIE[ 'security' ] ) { case 'low': $vulnerabilityFile = 'low.php'; break; case 'medium': $vulnerabilityFile = 'medium.php'; break; case 'high': $vulnerabilityFile = 'high.php'; break; default: $vulnerabilityFile = 'impossible.php'; break; } require_once DVWA_WEB_PAGE_TO_ROOT . "vulnerabilities/fi/source/{$vulnerabilityFile}"; // if( count( $_GET ) ) if( isset( $file ) ) include( $file ); else { header( 'Location:?page=include.php' ); exit; } dvwaHtmlEcho( $page ); ?>