Help Folks 2

[VeseliTigar]

Ok. I realy break the rules, my apologies for that. So I realy need to get any tutorial or something
for breaking include function. Any links, advices or something like that. I am familiar with php
so i would appreciate any tutorial. Thanx

My problem is this:

I have script that open other files when you type in name of script. example. www.site.com/index?open=filename here.
I think it's using addslash() function to disable invalid inputs like ' / ", and at end every input it add .php extension.
Links, advices or anything. Would be appreciate. Thanx again, a lot, for every post.

[msbachman]

What you're talking about is a simple Remote-File Include (RFI).

Here is a simple tutorial that's decent but probably not the best.

Are you sure the slashes are being escaped? It seems if you got that far to include a remote file nothing of what I said is new to you, so sorry if this didn't help much.

There are some other ways that it could be done, for instance they could have coded the page with a switch table so that if you don't include a set of explicitly defined files it defaults to something.

Also, they could have turned off allow_url_include.