I open test1.php
in my browser, which should call test2.php
with the GET variable id
in the url which in turn should append the id and time to a local text file called test1.txt
But it doesn't work.
If I call test2.php
directly with the GET var it works just fine - http://www.example.com/test2.php?id=123456
- but it doesn't work when I load test1.php
in my browser.
test1.php
curl_setopt_array(
$ch, array(
CURLOPT_URL => 'http://www.example.com/test2.php?id=123456',
CURLOPT_RETURNTRANSFER => 0
));
curl_exec($ch);
test2.php
if(!isset($_GET['id'])) {
die();
}
$ID = (int)$_GET['id'];
$myfile = fopen("test1.txt", "a") or die();
$txt = $ID . " - " .time() . "
";
fwrite($myfile, $txt);
fclose($myfile);
Is there a security measure in php to prevent this kind of action or am I just missing something really obvious here?