ptarjan
6e899255c6
Instead of having a blacklist on name, how about we use a different file extension for included files? Many PHP installs do this for files that are in the document root but shouldn't be served. @override-unit-failures
18 linhas
265 B
PHP
18 linhas
265 B
PHP
<?php
|
|
|
|
class A {
|
|
private $c;
|
|
private $d;
|
|
public function f() {
|
|
eval('$this->a = 20; $this->c = 200;');
|
|
include 'include3.inc';
|
|
echo $this->a."\n";
|
|
echo $this->b."\n";
|
|
echo $this->c."\n";
|
|
echo $this->d."\n";
|
|
}
|
|
}
|
|
|
|
$a = new A;
|
|
$a->f();
|