> But unfortunately a dedicated server does not cost much more than virtual > hosting anymore (just have a look at http://powerraq.com/ ). PHP is > mostly pre-installed (with "dev settings" and not "production settings" - > many admins even forget to switch on safe_mode) and this lazyness > leads to thousands of insecure PHP installations on production > machines.
Why would you switch on safe_mode if you have a dedicated server? That makes no sense. There is also nothing unsafe about the session code if you are on a dedicated server. -Rasmus -- PHP Development Mailing List <http://www.php.net/> To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
