3

I'm having a little problem with my PHP-code. I want to create a site which has different directories. Every directories has a file named pass (not .txt or something) with the value of the directories password. So if the pass-file doesn't exist the group will not exist. But even if the group exists it still says the group doesn't exist and I can't fopen the file either, but I can locate to it. Here's my code:

<?php
$name = $_POST['name'];
$group = $_POST['group'];
$pass = $_POST['pass'];
$filename = '/groups/' . $group . '/pass';
if(file_exists($filename)){
    $handle = fopen($filename) or die("can't open file");
    $hoi = fread($handle, filesize($filename));
    fclose($handle);
    if ($pass === $hoi){
        session_start();
        $_SESSION['name'] = $name;
        header('Location: http://www.google.com');
    }
    else{
        echo 'Password is wrong!';
    }
}
else{
    echo 'Group does not exist!';
}
?>

All POST-data is correct btw. Thanks for your help!

Jochem Groot Roessink
  • 39
  • 3
  • try to give full path always. – Alive to die - Anant Jun 28 '15 at 04:10
  • 2
    `$filename = '/groups/' . $group . '/pass';` is an absolute file path, so you are essentially (assuming you use windows for this reference) seeing if `c:/groups/....` exists. – Jon Jun 28 '15 at 04:14
  • 2
    the path to the file should be absolute. Suggested way should be use: define('ROOT', dirname(__FILE__)); // define('ROOT', 'c:\\somedir'); then use $filename = ROOT . '/groups/' . $group . '/pass'; – sabkaraja Jun 28 '15 at 04:18
  • _“Every directories has a file named pass (not .txt or something) with the value of the directories password”_ – that’s great news for everyone who knows how your system works and wants to hack into it – because now they can simply request `/groups/foobar/pass` via their browser … (unless you have specifically prevented HTTP access to those files in some way?) – CBroe Jun 28 '15 at 04:38
  • @CBroe Yeah, I know, I am gonna do contrahacking later but first I want this to work, you see. – Jochem Groot Roessink Jun 28 '15 at 04:40
  • Use extension like .php or .html. without this you will not always get false result. – Manish Sep 21 '16 at 14:50

1 Answers1

0

I think, that file pass must have ending. eg. .php or .html or something File name '/groups/' . $group . '/pass'; is wrong.

PHP function is named file_exist() and files must have endings!

If it is folder it has sometimes slash at the end. But it can be file. With .htaccess redirect, on index.html or index.php could be slash at the end of the file.

CZ workman
  • 185
  • 2
  • 10