On Friday 27 July 2001 12:51, Marc Boeren wrote:
> if ($internal_variable == 'whatever') {
>     // do something, knowing that a user could never have set this
>     }
> The second check is where a lot of scripts are exploitable, I think, if
> register_globals=on, because programmers do not expect user-input in this
> variable.

...but will be caught perfectly by E_ALL
Phil Driscoll

PHP Development Mailing List <http://www.php.net/>
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to