Hi all, I was trying to reproduce this problem: http://www.securityfocus.com/archive/1/453432
and I just remembered that PHP itself, since 5.1.2, has a protection for this:
http://www.php.net/ChangeLog-5.php"Fixed possible header injection by limiting each header to a single line. (Ilia)"
This is probably why I can't reproduce but from now on, I'll try with an older PHP.
Marc -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
