 |
 |
 |
 |
|
|
Date: 07/14/01
- Next message: ANITA L JOHNSON: "[phplib] I have not received a confirmation letter"
- Previous message: nathan r. hruby: "[phplib] Re[2]: [phplib-dev] security: READ THIS!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
hmm haven't been able to do any thing bad with my site yet, and didn't
thank goodness
have any thing critical, that isn't backed up by firewall rules
(assumes all clients are kind and good).
but adding get paramater of _PHPLIB=anything did screw stuff up. tried
setting
registar global varss to off. SPLAT phplib fell on its face. have
implamented
slamming _PHPLIB in the preappend file to "". fixes that attack, as
valid or
invalid as it may be. all other global vars hmmmm which happens first
are global
vars say severname,scriptname,etc set b 4 or after get,post,cookies are
made global?
otherwise i didnt know about the global feature pick post method and use
http_post_vars,
which if need to be saved are saved in session vars which should reload
vars from frozen session
replacing any malius get/post/cookies vars. Am I wrong??????
I've got about 2 man years into php, phplib and im not going to give up
without a fight,
and be stuck in uncle bills world where the software is free when you
buy the computer,
but if you have a computer the software is not free, and if you dont use
the software you
cant get your money back !!!!!!!!!!
-- My opinions are my own and not that of my employer even if I am self employed-- Abbestellen mit Mail an: phplib-unsubscribe <email protected> Kommandoliste mit Mail an: phplib-help <email protected>
- Next message: ANITA L JOHNSON: "[phplib] I have not received a confirmation letter"
- Previous message: nathan r. hruby: "[phplib] Re[2]: [phplib-dev] security: READ THIS!"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]