aaa
abc
あああ
漢字
<html>
<head><title>up.php</title></head>
<body>
<p> file uploader </p>
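<?php
/*
 * Handles the "file uploader" form post.
 *
 * Request inputs (all client-controlled, so none of them is trusted):
 *   $_FILES['upfile']   the uploaded file
 *   $_POST['filemode']  permission bits for the stored file, octal digits such as "644"
 *   $_POST['updir']     directory that receives a second copy of the stored file
 *
 * The file is moved into $updir, given the requested mode, and copied into the
 * requested directory. No shell is involved: chmod() and copy() receive the
 * paths as plain arguments, so there is nothing to quote.
 *
 * Why the shell commands were dropped:
 *   - escapeshellcmd() protects a whole command string, not one argument. It
 *     leaves paired quotes untouched, so a value interpolated inside "..." can
 *     still end the quoting and add arguments of its own.
 *   - system() returns the last line of output. A successful chmod or cp prints
 *     nothing, so comparing that result with FALSE reported success as failure.
 *   - The escaped strings were also used as filesystem paths, which stored the
 *     added backslashes in the file name.
 * If a shell command is ever unavoidable, quote each argument with
 * escapeshellarg() and test the exit status instead of the returned string.
 */

// Escape a request-derived value before it is written into the HTML response.
$h = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

$updir = "./upload/";

// Only plain string fields are accepted; array-valued parameters count as absent.
$updir2   = (isset($_POST['updir']) && is_string($_POST['updir'])) ? $_POST['updir'] : '';
$filemode = (isset($_POST['filemode']) && is_string($_POST['filemode'])) ? $_POST['filemode'] : '';

$upload  = (isset($_FILES['upfile']) && is_array($_FILES['upfile'])) ? $_FILES['upfile'] : array();
$rawName = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
$tmpName = (isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : '';
$errCode = (isset($upload['error']) && is_int($upload['error'])) ? $upload['error'] : UPLOAD_ERR_NO_FILE;

// Keep only the last path component of the client-supplied name. Dotfiles
// (".htaccess", ".", "..") and names with control characters are refused.
// NOTE(review): the file type is not restricted here. The upload directory must
// not be a place where the web server executes content, and an extension
// allowlist suited to the deployment belongs at this point.
$filename = basename($rawName);
$nameOk = $filename !== ''
    && $filename[0] !== '.'
    && preg_match('/[\x00-\x1f\x7f]/', $filename) === 0;

// chmod() takes an integer, so "644" has to be read as octal. Execute and
// setuid/setgid/sticky bits are never granted to client-supplied content.
$modeOk = preg_match('/\A[0-7]{3,4}\z/', $filemode) === 1;
$mode   = $modeOk ? (octdec($filemode) & 0666) : null;
$m      = $modeOk ? sprintf('%04o', $mode) : '';

$f01 = $updir . $filename;  // where the upload is stored
$f03 = $tmpName;            // PHP's temporary file, used exactly as PHP reported it

// The copy destination has to be an existing directory strictly below the
// upload directory; realpath() resolves "..", symlinks and relative parts before
// the comparison. This base is a policy choice: widen it deliberately, never by
// trusting the posted value as-is.
$baseReal = realpath($updir);
$destReal = ($updir2 !== '' && strpos($updir2, "\0") === false) ? realpath($updir2) : false;
$destOk = $baseReal !== false
    && $destReal !== false
    && is_dir($destReal)
    && strncmp($destReal, $baseReal . DIRECTORY_SEPARATOR, strlen($baseReal) + 1) === 0;
$f02 = $destOk ? $destReal . DIRECTORY_SEPARATOR . $filename : '';

// Diagnostic echo of the values in use. The server-side temporary path is
// deliberately not sent to the client.
print("updir:");
print($h($updir) . " <br>");
print("filename:");
print($h($filename) . " <br>");
print("filemode:");
print($h($filemode) . " <br>");
print("f01 : <b> " . $h($f01) . " </b> <BR>");
print("f02 : <b> " . $h($f02) . " </b> <BR>");
print("m : <b> " . $h($m) . " </b> <BR>");

if ($errCode !== UPLOAD_ERR_OK || !$nameOk || !move_uploaded_file($f03, $f01)) {
    print("Upload failed");
    print($h($errCode));
}
else {
    print("<b> " . $h($filename) . " </b> uploaded<BR>");

    if ($mode === null || !chmod($f01, $mode)) {
        print("chmod failed");
    }
    else {
        print("<b> " . $h($m) . " </b> change moded");
    }

    if (!$destOk || !copy($f01, $f02)) {
        print("cp failed");
    }
    else {
        print("<b> " . $h($f02) . " </b> ok");
    }
}
?>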
</body>
</html>
perl
# Backticks interpolate $dir first and then run the resulting string as a command
# line (through /bin/sh when it contains shell metacharacters), so the content of
# $dir is parsed as shell syntax.
1: $dir = "/tmp";
2: $str = `/bin/ls -l $dir`;
# Escaped variant: $fFilename goes through shellEsc before it is interpolated
# into the single-string command.
1: $fFilename = shellEsc($fFilename);
2: $str = system("/bin/ls /tmp/$fFilename");
# The same call with $fFilename interpolated as-is. In both variants system()
# returns the command's wait status, not its output, so $str does not receive
# the directory listing.
1: $str = system("/bin/ls /tmp/$fFilename");
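# shellEsc($text) -- return a copy of $text with a backslash placed in front of
# every character from the metacharacter set in the substitution below.
#
# NOTE(review): this is a denylist. Space and tab are not in the set, so a value
# containing whitespace still splits into several words when it is interpolated
# unquoted into a command string. A backslash followed by a newline is a line
# continuation to sh, so an escaped newline is dropped rather than preserved.
# Passing the program and its arguments as a list,
#   system("/bin/ls", "/tmp/$fFilename")
# bypasses the shell and needs no escaping at all.
sub shellEsc {
    # Work on a lexical copy. Assigning to the global $_ would overwrite the
    # caller's $_, and inside a for/map/grep it would modify the element that
    # $_ is aliased to.
    my $text = shift;
    $text =~ s/([\&\;\`\'\\\"\|\*\?\~\<\>\^\(\)\[\]\{\}\$\n\r])/\\$1/g;
    return $text;
}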
# Run every metacharacter from shellEsc's set through the function and print the
# escaped result.
$inputChars = "&;`\'\\\"|*?~<>^()[]{}\$\n\r";
my $escaped = shellEsc($inputChars);
print $escaped;
aaa