Question

<!doctype html>
<html>
<head>
<meta charset="utf-8">
<title>Ship Parts</title>
        <script src="libs/jquery/jquery-3.1.1.min.js"></script>
        <script src="libs/bootstrap-3.3.7-dist/js/bootstrap.min.js"></script>
        <link rel="stylesheet" href="libs/bootstrap-3.3.7-dist/css/bootstrap.min.css" >
        <link rel="stylesheet" href="libs/styles/boot2016.css">
        <link rel="stylesheet" href="libs/styles/cyber.css">
        <script src="libs/scripts/common1.js"></script>
        <script src="libs/scripts/cyberO.js"></script>

</head>

<body>
        <div class="container" style="margin-bottom:60px;">
                <div style="background-image:url('libs/images/ocean.jpg'); background-position: center; padding: 40px; font-size:72px; color:white;" class="text-center align-middle" >
                        <h1>Ship-Parts Military Boats</h1>
                </div>
                <h2>Welcome to Ship-Parts Military Boats</h2>
                <p>Ship-Parts Military Boats are high-performance rigid hull inflatable boats and vessels that are specifically designed for the extreme endurance needs of the military and law enforcement.</p>

                <p><strong>Select a product:</strong></p>
                <form action="index.php" method="POST" id="products">
                        <select name="product">
                                <option value="inflatable.html">Inflatable Boats</option>
                                <option value="navy.html">Navy Boats</option>
                                <option value="coastguard.html">Coast Guard Boats</option>
                                <option value="lawenforcement.html">Law Enforcement Boats</option>
                                <option value="about.html">About Us</option>
                        </select>
                        </select>
                        <input type="submit" value="Show Info" />
                </form>
                <br>

                <?php
                        if(isset($_POST["product"]) ) {
                                include $_POST["product"];
                        }
                        else {
                                include "about.html";
                        }

                ?>


        </div>
</body>
</html>

所以我应该修复这个网站。我需要验证optionvalue指向的选项是他们在页面发送信息之前应该使用的选项，这样即使有人将文件从inflatables.html更改为allmyloginsxd.html它只会显示为错误。

我不了解有关代码的事情（以及我所采取的课程，不能教我或给我时间学习）所以你可以更简单地向我解释一切。

Answer 1

正如我在评论中所建议的那样，考虑在客户端验证旁边使用服务器端检查，以确保在实例中备份您的客户端验证被绕过。

简而言之，您可以使用in_array检查选项的输入：

/** Your page names would go in here. **/
$correct_values = ['option-val-one', 'option-val-two'];

if (!in_array($_POST['product'], $correct_values)) {
    /** Unknown value has been passed. **/
}

除此之外，您的标记中存在错误，其中您有重复的标记（</select>）。

另一个LFI问题

1 个答案: