You are here: Re: vulnerability ? « PHP Language « IT news, forums, messages
Re: vulnerability ?

Posted by Peter on 09/29/07 15:27

Addionally,

I figure this piece of code needs to be mentioned as well (placed before the
earlier mentioned code) :

if($_SERVER['QUERY_STRING']!="")
$special_char='?';
else $special_char="";

Followed by earlier mentioned piece of code:

$link =
explode('/',$_SERVER['PHP_SELF'].$special_char.$_SERVER['QUERY_STRING']);
$from = $link[sizeof($link)-1];

Further investigating also shows (not hundred % sure, but it looks like it)
that the problem only occurs on pages where parameters can be passed.

e.g. page1?item=1
etc.

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация