Date: 04/17/07 (PHP Community)    Keywords: php, security, web

Hi, I'm new here but I hope I can get some help anyway...

I have a big problem. I do webdesign and one of my sites got hacked today. The web hotel tells me that there is a "security risk" in my index.php file. I can only assume that it's the php-part of the file. The problem is, I don't know much about PHP really - the php I do have was written with someone else's help.

So, I'm going to ask you if you can help me.

The PHP-part in the header is:

$sidan = $_GET['link'].'.php';

if ($sidan==".php") {
$sidan = "start.php";
}

//print $sidan;
?>


The PHP-part in the body is: 




As several of my sites are built on this string of PHP, this really sucks... the web hotel has closed down the site that got attacked. If anyone can help me, I'll be forever thankful... my own website is built up the exact same way if you want to check out the code there.

Source: http://community.livejournal.com/php/561688.html