> I was hoping there's a way to tell apache to block requests where
> id=non_numeric.
It's trying to do a remote inclusion.
It's easy for you to fix in php:
if (isset($_GET['id'])) {
if (!is_numeric($_GET['id'])) {
die("Die hacker die!");
}
}
I'm sure there would be a way to do it with ModRewrite or something but
it's 5 lines of code in php so I'd do it there *shrug*.
--
Postgresql & php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
