关于php文件上传漏洞的处理
1.判断后缀是 .php
2.在apache里面需要额外判断 .pht、.phtml
引用原文: so if we upload test.pht/.phtml file, apache aslo will parser it as php file, so we can execute any php code
关于php文件上传漏洞的处理
1.判断后缀是 .php
2.在apache里面需要额外判断 .pht、.phtml
引用原文: so if we upload test.pht/.phtml file, apache aslo will parser it as php file, so we can execute any php code