[phplib-dev] More: security: READ THIS!
by giancarlo pinerolo
Jul 14 2001 8:31AM
and no need to make a form for it.
simply append
?_PHPLIB%5Blibdir%5D=%2Ftmp%2F
to any URL!!!
Gosh!
G
I myself wrote:
>
> Gosh
> with regards to this paper, named PHP Security Paper (a study in
> scarlet)...
>
> http://www.securereality.com.au/studyinscarlet.txt
>
> I always thought _PHPLIB was a defined constant; now I realize it is an
> array.
> try this script please, which can override the $_PHPLIB[libdir] value.
>
> in the third input field, which overrides _PHPLIB[libdir], type '/tmp/',
> and it will include a file named 'test' there
>
> Giancarlo
>
> ............
> <?
> // demo: the third form field is named _PHPLIB[libdir]; with register_globals
> // on, its value lands in $_PHPLIB before this script runs
> if (!isset($HTTP_POST_VARS["step2"]))
> {
> ?>
> <form action="<?echo $PHP_SELF?>" method=post>
> $HTTP_GET_VARS[mytest] var:<br>
> <input name="HTTP_GET_VARS[mytest]" value="1" >
> <br>
> the variable $mytest2 var:<br>
> <input type=text name="mytest2" value="2" >
> <br>$_PHPLIB[libdir] var <br>
> (trailing slash required, will include a file named 'test' there)<br>
> <input name="_PHPLIB[libdir]" value="1" >
> <input type=submit name=step2>
> </form>
> <?
> }
> else
> {
> echo "the HTTP_GET_VARS[mytest] --> ".$HTTP_GET_VARS["mytest"]."<br>";
> echo "the variable mytest2 --> ".$HTTP_POST_VARS["mytest2"]."<br>";
> echo "_PHPLIB[libdir] --> ".$HTTP_POST_VARS["_PHPLIB"]["libdir"]."<br>";
> echo "including the file 'test' in the submitted _PHPLIB[libdir] directory<br>";
> // $_PHPLIB was filled from the request by register_globals, so this
> // includes /tmp/test when '/tmp/' was submitted
> include ($_PHPLIB["libdir"]."test");
> }
> ?>
>
> .......
>
> file 'test' placed in /tmp/
>
> <?
> echo "<h1>CIAO</h1>";
> ?>
--
Unsubscribe by mailing: phplib-dev-unsubscribe@[...].de
Command list by mailing: phplib-dev-help@lists.netuse.de
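The defensive counterpart to the demo above, added here as an example (it is not code from the post or from PHPLIB itself): the library directory is assigned unconditionally in code, so a value injected through register_globals is overwritten, and it is verified with realpath() before anything is included. The install path /usr/local/lib/phplib/, the helper names and the library file name are assumptions.

```php
<?php
// Added example, not PHPLIB's own code.
//
// Vulnerable pattern from the post: with register_globals on, a request
// carrying a parameter named _PHPLIB[libdir] pre-populates $_PHPLIB before
// the script runs, so include($_PHPLIB["libdir"]."test") loads whatever
// directory the client chose.

// 1. Assign the configuration unconditionally, never "only if not set".
//    An assignment here replaces anything the request injected.
$_PHPLIB = array();
$_PHPLIB["libdir"] = "/usr/local/lib/phplib/";   // assumed install path

// 2. Check that the directory resolves to the expected location.
//    realpath() returns false for missing paths and collapses "../", so a
//    mismatch means the setting was tampered with or the install is broken.
function phplib_libdir_ok($libdir, $expected)
{
    $real = realpath($libdir);
    return $real !== false && rtrim($real, "/") === rtrim($expected, "/");
}

// 3. Include library files by a fixed, validated name from that directory.
function phplib_require($name)
{
    global $_PHPLIB;
    if (!phplib_libdir_ok($_PHPLIB["libdir"], "/usr/local/lib/phplib")) {
        die("PHPLIB: libdir is not the expected directory, refusing to include");
    }
    // Library names are literals supplied by the caller, never request data;
    // the pattern rejects slashes, so no path can be smuggled in here either.
    if (!preg_match('/^[A-Za-z0-9_]+\.inc$/', $name)) {
        die("PHPLIB: invalid library file name");
    }
    require $_PHPLIB["libdir"] . $name;
}

phplib_require("prepend.inc");   // assumed library file name
?>
```

With register_globals turned off in php.ini the first step becomes unnecessary, but the realpath() check still catches a misconfigured or tampered libdir.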