This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function isLongEnough(str) { // Tells if @str is 5+ characters long | |
| return (str.length >= 5) ? 'What a long string':'What a short string'; | |
| } | |
| console.log(isLongEnough('Impressive')); | |
| // => What a long string |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // First way | |
| let x = 3; | |
| let sentence = (x > 1) ? 'X is above 1':'X is below 1'; | |
| console.log(sentence); | |
| // => X is above 1 | |
| // Second shorter way, less-readable | |
| console.log( (x > 1) ? 'X is above 1':'X is below 1' ); // Without a temporary variable |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| let x = 3; | |
| if(x > 1) | |
| console.log('X is above 1'); | |
| else | |
| console.log('X is below 1'); | |
| // => X is above 1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function nice_include($file) { | |
| if (file_exists('/home/wwwrun/'.$file.'.php')) { // Taken from PHP docs | |
| include '/home/wwwrun/'.$file.'.php'; | |
| } | |
| } | |
| nice_include("../private_admin_data.txt\0"); | |
| # => file_exists will return true since home/private_admin_data.txt exists | |
| # => The '.php' extension will be skipped because of the \0 null-termination character. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $path = $_FILES['image']['name']; | |
| $extension = pathinfo($path, PATHINFO_EXTENSION); | |
| $allowed_extensions = array('png','jpg','bmp','gif'); | |
| if (in_array($extension, $allows_extensions)) { | |
| upload_file(); | |
| chmod($path, 0644); | |
| } | |
| else |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $cmd = $_GET['command']; | |
| system($cmd); | |
| ?> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $filter = $_GET['filter']; | |
| $filtered_todo_list = $database->query("SELECT * FROM Todos WHERE name LIKE '.$filter."'"); | |
| /* Rendering part */ | |
| ?> |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Requested URL => http://VerySafePlace.io/deleteEverything | |
| $token = $_GET['token']; | |
| if(empty($token)) | |
| showErrorMessage(); | |
| else { | |
| // This will check that the token matches the logged user's one | |
| if(token_exists_in_database($token)) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Don't even look at the code. Just remember, the token must be cryptographically secure | |
| // See : https://medium.com/@davidmellul/broken-by-design-2-randomness-d73f0a0536ed | |
| function RandomToken($length = 32){ // Taken from a comment on http://php.net/manual/fr/function.random-bytes.php | |
| if(!isset($length) || intval($length) <= 8 ){ | |
| $length = 32; | |
| } | |
| if (function_exists('random_bytes')) { | |
| return bin2hex(random_bytes($length)); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $filter = $_GET['filter']; | |
| echo "<p>Results for $filter</p>"; | |
| $filtered_list = $database->search_query($filter); | |
| /* Rendering stuff */ |