Hi guys
I have the SMF 1.0.2 (the last version), with classic theme. I just wanted to put this piece of code somewhere in the forum:
<?php
ini_set ("include_path", ini_get ("include_path") . ':../:../../:../../../:../../../../');
include ('blabla.php');
echo $blabla[0];
?>
I have tried as many ways I can imagine, but the better / achieve is something like that: iniset has been disabled for security blabla in /...///////
çeven I tried with includes (a file with the code in) but I achieved nothing.
this piece of code works in phpnuke, postnuke, phpbb, invision, bulletin... so that's not the problem
Thank U
Sorry about my poor english
Lainaus käyttäjältä: Naiden - maaliskuu 17, 2005, 12:22:32 IP
I have tried as many ways I can imagine, but the better / achieve is something like that: iniset has been disabled for security blabla in /...///////
çeven I tried with includes (a file with the code in) but I achieved nothing.
That error has nothing to do with SMF; it means that your host has disabled ini_set. Why not use the full path to the file instead of using include_path?
-[Unknown]
That a moment I thought, but that very code is running on the same server at a postnuke's page.
but how can I modify that pice of code? Maybe...
<?php
include (':../:../../:../../../:../../../../blabla.php');
echo $blabla[0];
?>
but I have the blabla.php at the same directory, a
<?php
include ('blabla.php');
echo $blabla
Well, you could try this if you're really desperate. Remember that in an SMF template, the current directory is still the directory of SMF, not of the template file.
$places = array($settings['theme_dir'], $boarddir, $boarddir . '/..');
foreach ($places as $place)
if (file_exists($place . '/blahblah.php'))
break;
include_once($place);
-[Unknown]
Lainaa
2: template_main_below(): SAFE MODE Restriction in effect. The script whose uid/gid is 1301334/1096203 is not allowed to access /.. owned by uid/gid 0/0
File: /data/members/paid/d/a/davilac.net/htdocs/foros/Themes/default/Admin.template.php (eval?)
Line: 215
Back
Notice: Array to string conversion in /data/members/paid/d/a/davilac.net/htdocs/foros/Sources/Subs.php on line 1793
Notice: Undefined offset: 1 in /data/members/paid/d/a/davilac.net/htdocs/foros/Sources/Subs.php on line 1795
Notice: Undefined variable: boarddir in /data/members/paid/d/a/davilac.net/htdocs/foros/Sources/Load.php(1040) : eval()'d code on line 210
Notice: Undefined variable: boarddir in /data/members/paid/d/a/davilac.net/htdocs/foros/Sources/Load.php(1040) : eval()'d code on line 210
Warning: template_main_below(): SAFE MODE Restriction in effect. The script whose uid/gid is 1301334/1096203 is not allowed to access /.. owned by uid/gid 0/0 in /data/members/paid/d/a/davilac.net/htdocs/foros/Sources/Load.php(1040) : eval()'d code on line 215
Warning: template_main_below(/..): failed to open stream: No such file or directory in /data/members/paid/d/a/davilac.net/htdocs/foros/Sources/Load.php(1040) : eval()'d code on line 215
Warning: template_main_below(): Failed opening '/..' for inclusion (include_path='.:/data/apache/php/mmp_lib:/data/session') in /data/members/paid/d/a/davilac.net/htdocs/foros/Sources/Load.php(1040) : eval()'d code on line 215
Warning: template_main_below(): SAFE MODE Restriction in effect. The script whose uid/gid is 1301334/1096203 is not allowed to access /.. owned by uid/gid 0/0 in /data/members/paid/d/a/davilac.net/htdocs/foros/Sources/Load.php(1040) : eval()'d code on line 219
Warning: template_main_below(/..): failed to open stream: No such file or directory in /data/members/paid/d/a/davilac.net/htdocs/foros/Sources/Load.php(1040) : eval()'d code on line 219
Warning: template_main_below(): Failed opening '/..' for inclusion (include_path='.:/data/apache/php/mmp_lib:/data/session') in /data/members/paid/d/a/davilac.net/htdocs/foros/Sources/Load.php(1040) : eval()'d code on line 219
Nonetheless thank you. :)
2: template_main_below(): SAFE MODE Restriction in effect. The script whose uid/gid is 1301334/1096203 is not allowed to access /.. owned by uid/gid 0/0
Safe mode is evil. The files are owned by different people.
-[Unknown]