Directory Listing Denied

**grezle** · 31-05-2011, 10:45

L'istruzione l'ho presa da qui

Codice PHP:


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf8" /> <title>SCRIGNO Viaggi e Turismo - News</title> <style type="text/css">  </style></head>  <body leftmargin="0" topmargin="0" rightmargin="0" bottommargin="0" marginheight="0" marginwidth="0"> <table width="100%" height="100%" border="0" align="center" cellpadding="0" cellspacing="0">   <tr>     <td height="20" align="center" valign="middle">[img]immagini/top_black.jpg[/img]</td>   </tr>      <tr>     <td height="32" align="center"><table width="1000" border="0" cellspacing="0" cellpadding="0">       <tr>         <td height="32"><table border="0" cellpadding="0" cellspacing="0">           <tr>             <td width="234" background="immagini/sub_header_altre_sx.jpg"></td>             <td><table border="0" cellspacing="0" cellpadding="0">               <tr>                 <td valign="top"><object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=7,0,19,0" width="446" height="32" title="men&ugrave; barra">                   <param name="movie" value="animazioni/menu_barra.swf" />                   <param name="quality" value="high" />                   <embed src="animazioni/menu_barra.swf" quality="high" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" width="446" height="32"></embed></object></td>               </tr>                            </table></td>             <td width="320" background="immagini/sub_header_altre_dx.jpg"></td>           </tr>         </table></td>       </tr>     </table></td>   </tr>   <tr>     <td height="15" align="center" bgcolor="#080093">[img]immagini/xsub_header.jpg[/img]</td>   </tr>   <tr>     <td height="442" align="center" valign="middle" bgcolor="#080093"><table width="1000" border="0" cellspacing="0" cellpadding="0">       <tr>         <td width="200"><table width="100%" border="0" cellspacing="0" cellpadding="0">           <tr>             <td height="208" valign="top"></td>           </tr>           <tr>             <td height="50"></td>           </tr>           <tr>           <form method="post" action="<?php $_SERVER['PHP_SELF'] ?>">             <td height="184" align="center" valign="middle"></td>           </form>           </tr>         </table></td>         <td width="59" background="immagini/side_menu.jpg"></td>         <td height="442" align="center" valign="middle" background="immagini/sfondo_news.jpg"><table width="700" height="440" border="0" align="left" cellpadding="0" cellspacing="0">           <tr>             <td align="left" valign="top"><?php include("gestione/connessione.php"); $id = $_GET["id"]; $result = mysql_query("SELECT * FROM news  where id = $id ");   while($row = mysql_fetch_array($result))   {   ?>  <table width="554" border="0" align="center">   <tr>     <td width="548"><div align="center"><span class="Stile1"><span class="Stile3">SCRIGNO VIAGGI</span>
       
     <?php echo $row['data'] . " - ". $row['titolo'];?></span></div></td>   </tr>   <tr>     <td></td>   </tr>   <tr>     <td><?php echo "[img]gestione/upload/". $row[[/img]</td>   </tr>   <tr>     <td></td>   </tr>   <tr>     <td><div align="justify"><span class="Stile4"><?php echo  $row['completa'];?></span></div></td>   </tr>   <tr>     <td>[url="http://www.scrignoviaggi.it/gestione/upload/<?php echo $row['allegato'];?>"]Allegato[/url]</td>   </tr>   <tr>     <td>[url="javascript:history.back();"]Indietro[/url]</td>   </tr> </table>  <?php    } echo "</table>";  mysql_close($con); ?>   </td>             </tr>         </table></td>         </tr>     </table></td>   </tr>   <tr>     <td height="100%" align="center" valign="middle" bgcolor="#080093"><table width="1000" height="21" border="0" align="center" cellpadding="0" cellspacing="0" bgcolor="#080093">       <tr>         <td height="21" align="center" valign="middle" bgcolor="#080093"><div align="center">[img]immagini/footer_sx_up.jpg[/img]</div></td>       </tr>     </table></td>   </tr>   <tr>     <td height="70" align="center" valign="middle"><table width="1000" border="0" align="center" cellpadding="0" cellspacing="0">       <tr>         <td width="20" height="70" background="immagini/footer_sx.jpg"></td>         <td width="180"><table height="70" border="0" cellpadding="0" cellspacing="0">             <tr>               <td height="30" align="center" valign="top">[url="http://www.facebook.com/pages/Gubbio-Italy/Scrigno-Viaggi-Turismo/133968856647744?v=wall"][img]immagini/facebook.jpg[/img][/url]</td>             </tr>             <tr>               <td background="immagini/footer_sub_facebook.jpg"></td>             </tr>         </table></td>         <td height="70">[img]immagini/footer_main.jpg[/img]</td>       </tr>     </table></td>   </tr> </table> </body> </html>

mentre è possibile che la query è settata qui?

Codice PHP:


<?php require('_login.php'); ?> <?php  if ($_FILES["file"]["error"] > 0)   {   echo "Error: " . $_FILES["file2"]["error"] . "
";   } else   {   echo "Upload: " . $_FILES["file2"]["name"] . "
";   echo "Type: " . $_FILES["file2"]["type"] . "
";   echo "Size: " . ($_FILES["file2"]["size"] / 1024) . " Kb
";   echo "Stored in: " . $_FILES["file2"]["tmp_name"] . "
 ";       if (file_exists("upload/" . $_FILES["file2"]["name"]))       {       echo $_FILES["file2"]["name"] . " esiste gia'. ";       }     else       {       move_uploaded_file($_FILES["file2"]["tmp_name"],       "upload/" . $_FILES["file2"]["name"]);      $allegato = $_FILES["file2"]["name"];       echo "Allegato salvato in: " . "upload/" . $_FILES["file2"]["name"]."
 ";       }     }     ?>   <?php  if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/jpg")) && ($_FILES["file"]["size"] < 900000))   {   if ($_FILES["file"]["error"] > 0)     {     echo "Return Code: " . $_FILES["file"]["error"] . "
";     }   else     {     echo "Upload: " . $_FILES["file"]["name"] . "
";     echo "Tipo: " . $_FILES["file"]["type"] . "
";     echo "Dimensioni: " . ($_FILES["file"]["size"] / 1024) . " Kb
";     echo "Cartella temporanea: " . $_FILES["file"]["tmp_name"] . "
";          if (file_exists("upload/" . $_FILES["file"]["name"]))       {       echo $_FILES["file"]["name"] . " esiste gia'. ";       }     else       {           move_uploaded_file($_FILES["file"]["tmp_name"],       "upload/" . $_FILES["file"]["name"]);       echo "Salvato in: " . "upload/" . $_FILES["file"]["name"];      $foto = $_FILES["file"]["name"];            include("connessione.php"); $data = date("d.m.y"); mysql_query('set names utf8'); $sql="INSERT INTO news (titolo, breve, completa,data,foto,allegato) VALUES ('$_POST[titolo]','$_POST[breve]','$_POST[completa]','$data','$foto','$allegato')";   if (!mysql_query($sql,$con))   {   die('Errore: ' . mysql_error());   } echo "
 News Registrata -"." [url='home.php']Home Page[/url] 
";  mysql_close($con);       }     }   } else   {   echo "File immagine non valido - [url='home.php']Home Page[/url]
 ";   }  ?>

Discussione: Directory Listing Denied

Strumenti discussione

Ricerca discussione

Visualizza

Visualizzazione discussione

Permessi di invio