Reply to Re: [PHP] Newbie: Safe function call to a .inc file outside the web folder

Your name:

Reply:


Posted by Edward Vermillion on 08/26/05 13:55

Chris Shiflett wrote:

> Because $_SERVER['SERVER_NAME'] can be manipulated by the user in some
> cases, you must consider $temp tainted at this point.
>

I was under the the impression that the non-'HTTP_*' keys in the
$_SERVER array came from the server itself. Obvoiusly I'm wrong, but I'm
curoius how 'SERVER_NAME' could be manipulated by the client. Is there
anything in the $_SERVER array that *can* be considered safe?

[Back to original message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация