Posted by MZ on 09/29/76 12:01

Uzytkownik "Rik Wasmus" <luiheidsgoeroe@hotmail.com> napisal w wiadomosci
news:op.t5lsmesk5bnjuv@metallium.lan...
On Sun, 27 Jan 2008 20:30:14 +0100, MZ <marcinzmyslowski@poczta.onet.pl>
wrote:

> Hello!
>
> How to prevent from such try of attack of the website?
>
> http://www.example.com/index.php?id=0?;print_r(glob('*'));echo%20%22

By just not running/eval()ing arbitrary code from outside? You'd really
have to provide the mechanism for the hacker for this to work, it is not
an inherent vulnerability of PHP.
--
Rik Wasmus

Hello Rik!

Sorry English language is not my national language.
Please explain to me in details this sentence:

By just not running/eval()ing arbitrary code from outside?

What do you mean by asking me it?

You said that is not the weakness of PHP. Do you mean that PHP is
such attacks proof?

Thank you and sorry for such question
M.

• Next in forum: Re: question about safe
• Prev in forum: Re: Do people still use the .inc extension?
• Thread view: Re: question about safe

[Reply to this message]