<?php
$QUERYSTRING = "test.php?haha=EPS";
do {$a = $QUERYSTRING; $QUERYSTRING = str_replace(array('..', '~', chr(0), ':', '?'), '', $QUERYSTRING); } while ($a != $QUERYSTRING);
if( (substr(strtolower($QUERYSTRING), -3) != ".ai") && (substr(strtolower($QUERYSTRING), -4) != ".eps")) {
echo "not allowed";
} else {
echo "allowed";
}
- Output for 4.3.0 - 4.3.11, 4.4.0 - 4.4.9, 5.0.0 - 5.0.5, 5.1.0 - 5.1.6, 5.2.0 - 5.2.17, 5.3.0 - 5.3.29, 5.4.0 - 5.4.45, 5.5.24 - 5.5.35, 5.6.8 - 5.6.28, 7.0.0 - 7.0.20, 7.1.0 - 7.1.20, 7.2.0 - 7.2.33, 7.3.16 - 7.3.33, 7.4.0 - 7.4.33, 8.0.0 - 8.0.30, 8.1.0 - 8.1.28, 8.2.0 - 8.2.18, 8.3.0 - 8.3.6
- not allowed
preferences:
157.75 ms | 406 KiB | 312 Q