31 lines
971 B
PHP
31 lines
971 B
PHP
<?php
|
|
|
|
// Check if the right PHP functions are enabled
|
|
$WarningHtml = '';
|
|
if( !ini_get( 'allow_url_include' ) ) {
|
|
$WarningHtml .= "<div class=\"warning\">The PHP function <em>allow_url_include</em> is not enabled.</div>";
|
|
}
|
|
if( !ini_get( 'allow_url_fopen' ) ) {
|
|
$WarningHtml .= "<div class=\"warning\">The PHP function <em>allow_url_fopen</em> is not enabled.</div>";
|
|
}
|
|
|
|
|
|
$page[ 'body' ] .= "
|
|
<div class=\"body_padded\">
|
|
<h1>Vulnerability: File Inclusion</h1>
|
|
|
|
{$WarningHtml}
|
|
|
|
<div class=\"vulnerable_code_area\">
|
|
[<em><a href=\"?page=file1.php\">file1.php</a></em>] - [<em><a href=\"?page=file2.php\">file2.php</a></em>] - [<em><a href=\"?page=file3.php\">file3.php</a></em>]
|
|
</div>
|
|
|
|
<h2>More Information</h2>
|
|
<ul>
|
|
<li>" . dvwaExternalLinkUrlGet( 'https://en.wikipedia.org/wiki/Remote_File_Inclusion' ) . "</li>
|
|
<li>" . dvwaExternalLinkUrlGet( 'https://www.owasp.org/index.php/Top_10_2007-A3' ) . "</li>
|
|
</ul>
|
|
</div>\n";
|
|
|
|
?>
|