 |
 |
 |
 |
|
|
|
Comments for: starkey20021020
| Message # 1014475: |
|
Date: 12/01/02 21:52
By: Ted Behling Subject: Security issue with $debug_ok If you use this article's method of setting $debug_ok and you have register_globals enabled, the public could enable debugging by adding &debug_ok=1 to their GET query string. It is preferable to always explicitly set $debug_ok, as in: if ($debug == 1 && in_array( $_SERVER['REMOTE_ADDR'], $debug_ips ) ) { $debug_ok = 1; } else { $debug_ok = 0; } |
Previous Message | Next Message |
| Comments: | ||
| Beginner Debugging: For Your Eyes Only | gbuisman | 08/03/05 11:30 |
| it tells me i don't have | Freeflashonlinegames Com | 12/07/04 09:31 |
| RE: Security issue with $debug_ok | John Starkey | 12/03/02 18:33 |
| Security issue with $debug_ok | Ted Behling | 12/01/02 21:52 |
| Fair enough, but why not a log file... | John Starkey | 10/22/02 17:58 |
| Fair enough, but why not a log file... | Oliver Tupman | 10/22/02 16:26 |
|
If you are looking for help, please post on the appropriate forum here. Your questions will be answered much more quickly. | ||
