PHPSmarty program exploitation model

Example of Smarty program exploitation: Guestbook section 1 This is a PHP Exploitation program that applies Smarty. The goal is to demonstrate how to apply Smarty in the exploitation program and how to separate your "presentation. This example

Example of Smarty program exploitation: Guestbook section 1

This is a PHP Exploitation program that applies Smarty. The goal is to demonstrate how to apply Smarty in the exploitation program and how to separate your "presentation. This model is quite simple, but contains a complete mini-framework for the rapid and simple use of a Smarty driver. Once you understand the concept of "expressing" separately, you may use it in some program development. If that is the case, you need to apply the following code in your program based on your own judgment and take responsibility for it.

You can download the source code of this example from here. Http://www.phpinsider.com/php/code/guestbook/Guestbook-1.0.tar.gz
You can take a look at this demo here. Http://www.phpinsider.com/php/code/guestbook/

This article does not cover how to install Apache, PEAR, and MySQL. Make sure you know these things or have a coherent software environment that can be directly applied. If your running environment is different from the model, you need to adjust it in the code given.

Next, we will develop a message book program without a administrator interface. you can browse or leave a message. It involves some programming knowledge related to Smarty, such as reading and displaying form and database data.

This example is the expansion of the guestbook program in the Smarty installation guide, so we developed it based on this. The following are the files used by our program:

Guestbook app files/directories:
/Web/www.example.com/docs/
/Web/www.example.com/docs/guestbook/
/Web/www.example.com/docs/guestbook/index.php

/Web/www.example.com/smarty/guestbook/
/Web/www.example.com/smarty/guestbook/templates/
/Web/www.example.com/smarty/guestbook/templates_c/
/Web/www.example.com/smarty/guestbook/configs/
/Web/www.example.com/smarty/guestbook/cache/

/Web/www.example.com/smarty/guestbook/libs/
/Web/www.example.com/smarty/guestbook/libs/guestbook_setup.php
/Web/www.example.com/smarty/guestbook/libs/guestbook.lib.php
/Web/www.example.com/smarty/guestbook/libs/ SQL .lib.php

The following describes the usefulness of these files one by one:

/Web/www.example.com/docs/
/Docs/is the root directory of our WEB server (DocumentRoot in Apache httpd. conf ).

/Web/www.example.com/docs/guestbook/
/Guestbook/is a lower-level directory that can be visited by the browser relative to the root directory and stores our programs.

/Web/www.example.com/docs/guestbook/index.php
Index. php is the "gate" of our program, and the WEB browser willHttp://www.example.com/guestbook/index.phpVisit this script file.

/Web/www.example.com/smarty/guestbook/

This is the directory that stores all the script files of our program (implemented logic). These script files are not necessarily stored in the root directory of the server. Whether to store all the script files in the root directory of the server as you wish, but here we only put the page files that promise the WEB browser to visit directly under the root directory of the WEB server. You can apply Apache's ". the "htaccess" method or other WEB server software prohibits WEB browsers from directly visiting the script files stored in the root directory (which should not be accessed directly by WEB browsers.