Thinkphp3.2 information disclosure

Log information disclosure
thinkphp In the open debug In the case of Runtime Directory generation log , If debug The mode is not off , You can directly enter the input force to cause directory traversal
Thinkphp3.2 structure :\Application\Runtime\Logs\Home\22_07_05.log
Thinkphp3.1:\Runtime\Logs\Home\22_07_05.log
index.php Turn on debug Pattern

<?php
// +----------------------------------------------------------------------
// | ThinkPHP [ WE CAN DO IT JUST THINK ]
// +----------------------------------------------------------------------
// | Copyright (c) 2006-2014 http://thinkphp.cn All rights reserved.
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Author: liu21st <[email protected]>
// +----------------------------------------------------------------------

//  Application entry file 

//  testing PHP Environmental Science 
if(version_compare(PHP_VERSION,'5.3.0','<'))  die('require PHP > 5.3.0 !');

//  Turn on debugging mode   Suggest to start the development phase   Deployment phase comment or set to false
define('APP_DEBUG',True);
// Define the web address 
define('SITE_URL','http://www.tp.com:8080/index.php');

//  Define the application directory 
define('APP_PATH','./Application/');

//  introduce ThinkPHP Entrance file 
require './ThinkPHP/ThinkPHP.php';

//  Pro - ^_^  There is no need for any code later   It's so simple 

Cache leaks
F Method
S Method

<?php
namespace Home\Controller;
use Think\Controller;
class TestController extends Controller {
    
    public function index(){
    
     F("data","<?php phpinfo() ?>");// Fast cache , This method can be used in /Data/ Generate under directory data.php The content of the document is  phpinfo()
     S("data","123456");// Using this method will be in Temp Create one in the directory md5 A file with a filename 

    }

    public function login(){
    
        $this->display();
    }

}

Enable debugging trace
\Application\Home\Conf\config.php

<?php return array( //' Configuration item '=>' Configuration values ' 'SHOW_PAGE_TRACE' =>true, );