We've expanded our news coverage and improved our search! Visit
oreilly.com for the latest or search for all things across O'Reilly!
Article:
 |
|
Ten Security Checks for PHP, Part 1
|
Subject: |
|
Not the kind of article i would expect from o'reilly! |
Date: |
|
2003-03-28 09:48:45 |
From: |
|
anonymous2
|
|
First, include("http://www.some-BAD-site.com/whatever.php") can't really do any harm, since it is executed on the some-bad-site.com, and not on the targeted machine.
Other stuff like POST and GET global issues have been dealt with php team, and using $_SUPERGLOBALS. This is also true for $_FILES, that can't be tricked in the described way.
That *where* good security tips, but maybe a year or two ago..
..Not the kind of article i would expect from o'reilly..
zombie
|
1 to 2 of 2
1 to 2 of 2