tenant-register. PHP, the ninth line of code. The information filled in by the front end includes the uploaded file, which is transferred to the back end through POST requests. No filtering is performed in this process
tenant-engine.php,
In tenant engineering Php, the 40th line of code - the 51st line of code. The uploaded file is stored in the tenant photo directory, and the successful file upload returns the file name information,
function tenant_register(){
if(isset($_FILES['id_photo']))
{
$id_photo='tenant-photo/'.$_FILES['id_photo']['name'];
// echo $_FILES['image']['name'].'<br>';if(!empty($_FILES['id_photo'])){
$path = "tenant-photo/";
$path=$path. basename($_FILES['id_photo']['name']);
if(move_uploaded_file($_FILES['id_photo']['tmp_name'], $path))
{
echo"The file ". basename($_FILES['id_photo']['name']). " has been uploaded";
}
else{
echo "There was an error uploading the file, please try again!";
}
}
Build environment: Apache 2.4.39; MySQL5.7.26; PHP7.3.4
tenant-register. PHP, the ninth line of code. The information filled in by the front end includes the uploaded file, which is transferred to the back end through POST requests. No filtering is performed in this process
tenant-engine.php,
In tenant engineering Php, the 40th line of code - the 51st line of code. The uploaded file is stored in the tenant photo directory, and the successful file upload returns the file name information,
POC:
Execute phpinfo:
http://vulhrs.test/tenant-photo/POC.php?ace=phpinfo();
The text was updated successfully, but these errors were encountered: