Difference between these 2 urls.

0

In my PDO study I came across the following: I have a URL like this: www.site.com/admin/index?dir=article/create

As I created a .php removal function from the files in the navigation the URL above did not work.

So I decided to change the "?" by "&" and removing the .php from the URL, thus:

www.site.com/admin/index&dir=article/create

and it worked, he searched the article folder for the create file and rendered it for me. How can this affect my site? Security can be compromised? Thanks for any feedback.

    
asked by anonymous 08.05.2016 / 16:09

1 answer

0

If you are using the Apache WEB server, the MultiViews option is probably active, in this case you can ignore the file extension and Apache itself will determine which file is most appropriate to be called .

This will not interfere with application security.

    
08.05.2016 / 16:25