Directory Browsing with PHP.
In the previous page you have seen how easy it is to list the contents of a directory using the backticks operator in PHP.
That in itself is not much use to anyone. So let's try to build a simple directory browsing and download system based on that code.
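// Column positions in one line of "ls -l" output (assumed standard layout;
// drop this line if the constants are already defined elsewhere).
const FPERM = 0, FUID = 2, FGID = 3, FSIZE = 4, FMONTH = 5, FDAY = 6, FTIME = 7, FNAME = 8;
// Quote $path so that it cannot add extra commands to the shell line.
$cmd = "ls -l " . escapeshellarg($path);
// split() was removed in PHP 7; explode() does the same for a fixed delimiter.
$list = explode("\n", `$cmd`);
$pattern = "/[dwrx\-]{10}/";
// Drop the leading "total N" line.
$list = array_slice($list, 1, count($list) - 1);
foreach ($list as $line)
{
    // Skip lines that are not file entries, such as the trailing empty line.
    if (!preg_match($pattern, $line)) continue;
    // A limit of 9 keeps a file name that contains spaces in one piece.
    $file = preg_split("/ +/", $line, 9, PREG_SPLIT_NO_EMPTY);
    $downlink = "getfile.php?filename=" . urlencode("$path/" . $file[FNAME]);
    // Escape every value before it is written into the page.
    $file = array_map('htmlspecialchars', $file);
    printf('<tr><td class="cell1">%s</td><td class="cell1">%s</td>
    <td class="cell1">%s</td><td class="cell1">%s</td>
    <td class="cell1">%s %s %s</td>
    <td class="cell1"><a href="%s">%s</a></td>
    </tr>',
        $file[FPERM], $file[FUID], $file[FGID], $file[FSIZE],
        $file[FMONTH], $file[FDAY], $file[FTIME],
        htmlspecialchars($downlink), $file[FNAME]);
}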
The most important point about the above code is that it does not provide a direct download link to the file. If it did, clicking the link would make the server execute server-side code such as PHP, JSP or Perl instead of delivering the file to the client.
If the files you are browsing through are user-uploaded, a malicious user would be able to upload a PHP script that can wreck your server.
In the next page we will see how these files can be safely delivered to the clients.
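As an added example (not the author's getfile.php), here is one way a handler behind the getfile.php?filename= links above could hand a file over as plain bytes without ever executing it. BASE_DIR and resolve_download() are assumed names, and the sketch assumes the browsable files live under a single directory.

```php
<?php
// Added example: a download handler in the role of getfile.php.
// BASE_DIR is an assumed location for the browsable files.
const BASE_DIR = '/var/uploads';

/**
 * Map the requested path to a real file inside $baseDir.
 * Returns null when the file is missing, is not a regular file,
 * or resolves to a location outside the base directory.
 */
function resolve_download(string $baseDir, string $requested): ?string
{
    $base = realpath($baseDir);
    // realpath() collapses ".." and follows symlinks, so the prefix
    // test below is made against the file's true location.
    $real = realpath($requested);
    if ($base === false || $real === false || !is_file($real)) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($real, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $real;
}

$requested = $_GET['filename'] ?? '';
$file = is_string($requested) ? resolve_download(BASE_DIR, $requested) : null;
if ($file === null) {
    http_response_code(404);
    exit;
}

// Send the content as an opaque attachment. readfile() copies bytes to
// the client; the file is never included, so PHP code in it does not run.
header('Content-Type: application/octet-stream');
header('X-Content-Type-Options: nosniff');
header("Content-Disposition: attachment; filename*=UTF-8''" . rawurlencode(basename($file)));
header('Content-Length: ' . filesize($file));
readfile($file);
```

Keeping the assumed BASE_DIR outside the web server's document root means the files cannot be requested directly by URL at all.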

