操蛋,修复BUG,请问怎么修复这个bug
有2个php文件
1.php
echo '1';
?>
2.php
echo '2';
?>
浏览器里输入
http://localhost/1.php/2.php
会输出 1
,为了省去麻烦,我想直接提示浏览器地址非法,该怎么做?
<br />
$url = "http://localhost/1.php/2.php";<br />
$filename = basename($url);<br />
if($filename != "1.php"){<br />
echo "<script>alert('地址非法');</script>";<br />
}<br />
How to verify if website is vulnerable?<br /> <br /> If, for example, you use http://www.example.com/admin/ URL to access store admin, try to open http://www.example.com/admin/orders.php/login.php. If you will not see login screen you are in danger!
