Re: Include with variables - why does this work ? — PHP Programming Language

You are here: Re: Include with variables - why does this work ? « PHP Programming Language « IT news, forums, messages

Posted by Rik on 01/12/07 16:59

Robin wrote:
> As no one else has pointed it out (though it should be obvious)...
>
> Doing include($file) without any validation of $file would be a big
> bad security hole.

It never even occured to me to include files I did not write myself :P

Validating a file is very difficult, you'll have to check it by hand.
--
Rik Wasmus

Navigation:

Next in forum: Re: Encrypting Passwords
Prev in forum: Re: Problem with Code
Thread view: Re: Include with variables - why does this work ?

[Reply to this message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация