그외 방법 :
< IMG > 태그를 그대로 두고, 아파치의 Action 지시자를 활용하는 방법
# Tag these image/Flash extensions with the custom handler name "chk-image".
AddHandler chk-image .gif .png .jpg .jpeg .swf
# Hand every request for a "chk-image" file to /actimg.php, which decides
# whether the file is sent.
# NOTE(review): /actimg.php presumably stays reachable by its own URL as well,
# so the script has to validate the target file itself - confirm.
Action chk-image /actimg.php
이렇게 설정하고,
DocumentRoot/actimg.php 파일에 다음과 같은 비슷한 방법으로 체크하고
이미지를 클라이언트에게 전송하면 됩니다.
<?php
## get file extension(tail)
##
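## Returns the lower-cased extension of the last path component of $file,
## without the leading dot, or '' when that component has no extension.
## Only the final component is inspected, so a dot in a directory name
## ("/dir.v2/file") is not mistaken for an extension.
function get_ftail($file)
{
    // pathinfo() yields '' when there is no dot, so no false is fed to
    // the string functions.
    $tail = pathinfo((string) $file, PATHINFO_EXTENSION);
    return strtolower($tail);
}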
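## Maps a lower-case file extension to the Content-Type it is served with.
## The table doubles as the allowlist of servable types: any extension not
## listed returns null (without raising an undefined-index notice), and the
## caller should refuse to serve the file.
function get_stype($ftail)
{
    $stype = array
    (
        'gif' => 'image/gif',
        'jpg' => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'png' => 'image/png',
        'swf' => 'application/x-shockwave-flash',
    );
    return isset($stype[$ftail]) ? $stype[$ftail] : null;
}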
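## Hotlink gate. The Referer header is supplied by the client and may be
## forged or missing, so this is a deterrent, not access control.
## $_SERVER keys are quoted: outside a string, a bare HTTP_HOST is an
## undefined constant (an Error on PHP 8).
$host = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';
$host = preg_replace('/:\d+$/', '', $host); // Host may carry ":port"; the parsed Referer host does not

$ref_host = isset($_SERVER['HTTP_REFERER'])
    ? parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST)
    : null;
$ref_host = is_string($ref_host) ? strtolower($ref_host) : '';

// Compare host names instead of interpolating the Host header into a regex:
// an unescaped, unanchored pattern also matches a Referer that merely
// contains the site name somewhere in its path or query string.
$suffix = '.' . $host;
$same_site = $host !== ''
    && ($ref_host === $host || substr($ref_host, -strlen($suffix)) === $suffix);
if (!$same_site)
{ exit; }

## Serve regular files only, and only the types on the allowlist in
## get_stype(); anything else is refused rather than handed to readfile().
## The type is taken from the file actually read, not from PATH_INFO.
$img = isset($_SERVER['PATH_TRANSLATED']) ? $_SERVER['PATH_TRANSLATED'] : '';
if ($img === '' || !is_file($img))
{ exit; }

$header = get_stype(get_ftail($img));
if ($header === null)
{ exit; }

## further checks ($_COOKIE and so on) go here
header('Content-type:'.$header);
readfile($img);
exit; // don't print any messages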
?>