jimw Mon Jan 22 18:35:42 2001 EDT
Modified files:
/phpdoc/en/language variables.xml
Log:
document that HTTP_*_VARS are always set when enabled
Index: phpdoc/en/language/variables.xml
diff -u phpdoc/en/language/variables.xml:1.9 phpdoc/en/language/variables.xml:1.10
--- phpdoc/en/language/variables.xml:1.9 Sat Oct 14 06:26:28 2000
+++ phpdoc/en/language/variables.xml Mon Jan 22 18:35:42 2001
@@ -432,7 +432,9 @@
These variables are created by PHP itself. The
<varname>$HTTP_*_VARS</varname> variables are available only if
the <link linkend="ini.track-vars">track_vars</link>
- configuration is turned on.
+ configuration is turned on. When enabled, the variables are
+ always set, even if they are empty arrays. This prevents
+ a malicious user from spoofing these variables.
</simpara>
<note>
- [PHP-DOC] cvs: phpdoc /en/language variables.xml Jim Winstead
- [PHP-DOC] cvs: phpdoc /en/language variables.xm... Jani Taskinen
- [PHP-DOC] cvs: phpdoc /en/language variables.xm... Jeroen van Wolffelaar
- [PHP-DOC] cvs: phpdoc /en/language variables.xm... Hojtsy Gabor
- [PHP-DOC] cvs: phpdoc /en/language variables.xm... Philip Olson
- [PHP-DOC] cvs: phpdoc /en/language variables.xm... Philip Olson
- [PHP-DOC] cvs: phpdoc /en/language variables.xm... Philip Olson
- Re: [PHP-DOC] cvs: phpdoc /en/language vari... Gabor Hojtsy
- [PHP-DOC] cvs: phpdoc /en/language variables.xm... Philip Olson
- [PHP-DOC] cvs: phpdoc /en/language variables.xm... Torben Wilson
- [PHP-DOC] cvs: phpdoc /en/language variables.xm... Torben Wilson
