[PHP] is_uploaded_file() security

2003-10-22 Thread Alexander Mueller
Hi, I am wondering about the following paragraph at http://at2.php.net/manual/en/function.is-uploaded-file.php. > Returns TRUE if the file named by filename was uploaded via HTTP POST. > This is useful to help ensure that a malicious user hasn't tried to > trick the script into working on files u

Re: [PHP] is_uploaded_file() security

2003-10-22 Thread Alexander Mueller
there in case a bug > will be introduced. > > Alexander Mueller wrote: Thanks for the explanation Marek. When I fully entered PHP's arena the global variables weren't really an issue anymore, therefore I am more familiar with the $_* arrays and wondered about this paragraph. So i

Re: [PHP] is_uploaded_file() security

2003-10-22 Thread Alexander Mueller
"Cpt John W. Holmes" wrote: > > The user can pass the name of a file on the server. If you're not doing any > checks and moving or displaying the "file" the user "sent" you, you may end > up moving, deleting, or displaying any file on your server. > > ---John Holmes... Thanks John, but only in t

[PHP] Page Reload with after POST request

2003-10-23 Thread Alexander Mueller
I am doing most of my data transfers by POST requests and found it to be problematic when I want to browse the history with the browser's navigation buttons. Although it works without problems in Opera (I didn't try it with Netscape) it leads to a "Warning: Page has Expired" message in IE. I unders

Re: [PHP] is_uploaded_file() security

2003-10-23 Thread Alexander Mueller
Raditha Dissanayake wrote: > > This does not work with multipart/form-data you need www-urlencoded (or > just don't set an enctype attribute in your form) What would happen in this case? The given filename would be passed to the script?! Alexander -- PINO - The free Chatsystem! Available at htt

[PHP] Re: Page Reload with after POST request

2003-10-23 Thread Alexander Mueller
Robert Sedlacek wrote: > > I don't know such a script, but my preferred way would be to make a > 'header("Location: $site");' statement right after processing the > POST-request and lead the user to the site where the changes can be seen. > > This also avoids duplicate db-entries and stuff... >
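The Post/Redirect/Get approach Robert Sedlacek describes, written out as an added example (this is not code from the thread). The page URLs, the `$base_url` setting and the `save_comment()` helper are assumptions standing in for a real application; the point is that the browser's current entry in its history becomes a GET, so Back and Reload no longer re-submit the form.

```php
<?php
// Added example: Post/Redirect/Get for a form handler.
// $base_url, comment.php and save_comment() are hypothetical.

$base_url = 'http://www.example.com';   // configured, not taken from the Host header

function save_comment($text)
{
    // stand-in for the real database insert; returns the new row id
    return 42;
}

function handle_request($base_url)
{
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $text = isset($_POST['comment']) ? trim($_POST['comment']) : '';
        if ($text === '') {
            // validation failure: still redirect, so a Reload does not re-post
            header('Location: ' . $base_url . '/comment.php?error=empty', true, 303);
            exit;
        }
        $id = save_comment($text);

        // After processing, send the browser to a GET of the result page.
        // Back/Reload then repeat that GET instead of re-sending the POST,
        // which avoids IE's "Page has Expired" warning and duplicate inserts.
        // 303 tells the browser explicitly to use GET for the new location
        // (the response-code argument to header() exists since PHP 4.3.0).
        header('Location: ' . $base_url . '/comment.php?saved=' . (int) $id, true, 303);
        exit;
    }

    // GET: render the page and report the outcome of the previous POST
    if (isset($_GET['saved'])) {
        echo 'Comment #' . (int) $_GET['saved'] . " saved.\n";
    } elseif (isset($_GET['error'])) {
        echo "Please enter a comment.\n";
    }
    echo '<form method="post" action="' . $base_url . '/comment.php">'
       . '<textarea name="comment"></textarea><input type="submit"></form>';
}

handle_request($base_url);
```

The redirect target is built from a configured base URL rather than from `$_SERVER['HTTP_HOST']`, so a client cannot steer the Location header to another host.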

Re: [PHP] is_uploaded_file() security

2003-10-23 Thread Alexander Mueller
Raditha Dissanayake wrote: > > Hi, > Multipart/form-data sends the entire file, if you don't use that enctype > yes, just the file name is sent. > > best regards I see, but then $_FILES is probably not set. So it wouldn't be necessary to use is_uploaded_file() if one solely uses $_FILES (but shou
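The two scenarios discussed in this thread, John Holmes' warning that a client can "send" the name of a file that already sits on the server, and Raditha's point that without `enctype="multipart/form-data"` only the file name reaches the script, side by side as an added example (not code from the thread). The form field name `userfile`, the upload directory and the file-name whitelist are assumptions.

```php
<?php
// Added example: a handler that trusts a client-supplied path versus one
// that only touches the temporary file PHP itself created for the request.
// Assumes <input type="file" name="userfile"> and a hypothetical upload dir.

// VULNERABLE: "userfile" here is just a string the client chose. With
// register_globals on, or with a form that lacks multipart/form-data, a
// request such as ?userfile=/etc/passwd makes this emit any readable file.
function show_upload_vulnerable($userfile)
{
    readfile($userfile);   // no check that this path came from an upload
}

// HARDENED: use $_FILES and verify the path with is_uploaded_file().
function store_upload($dest_dir)
{
    if (!isset($_FILES['userfile'])
        || $_FILES['userfile']['error'] !== UPLOAD_ERR_OK) {
        return false;      // nothing uploaded, or the upload failed
    }
    $tmp = $_FILES['userfile']['tmp_name'];

    // Rejects any path that the upload handler did not write this request,
    // e.g. a value smuggled in through a urlencoded form or a legacy global.
    if (!is_uploaded_file($tmp)) {
        return false;
    }

    // Never reuse the client-supplied name as a path: drop directory parts
    // and restrict the remainder to a conservative character set.
    $name = basename($_FILES['userfile']['name']);
    if (!preg_match('/^[A-Za-z0-9._-]+$/', $name) || $name[0] === '.') {
        return false;
    }
    $dest = rtrim($dest_dir, '/') . '/' . $name;

    // move_uploaded_file() repeats the is_uploaded_file() check internally
    // before moving, so it is the right call for the final copy.
    return move_uploaded_file($tmp, $dest) ? $dest : false;
}

$saved = store_upload('/var/www/uploads');
echo $saved ? "stored at $saved\n" : "upload rejected\n";
```

Even when only `$_FILES` is used, the check costs nothing and protects the script if `register_globals` is later switched on or the form's `enctype` is changed.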

[PHP] Re: SESSIONMANAGEMENT -- good php mailing list / good people

2003-10-29 Thread Alexander Mueller
Christoph Lockingen wrote: > > Hello! > > I am looking for a good PHP mailing list, preferably in German... If I am in the wrong place here, I apologize. It is basically an international mailing list (hence English) :). > > 1. Why can't I via $_GET['li

[PHP] session_regenerate_id()

2003-10-29 Thread Alexander Mueller
I am not entirely sure what the following paragraph at http://at2.php.net/manual/en/function.session-regenerate-id.php shall mean > As of PHP 4.3.3, if session cookies are enabled, use of > session_regenerate_id() will also submit a new session cookie with the > new session id. What did it in 4.

[PHP] Re: Query explanation

2003-10-29 Thread Alexander Mueller
Robb Kerr wrote: > > I am attempting to hack a tutorial from the Zend site. I have found the > tutorial/project to be excellent, but I don't completely understand what's > being done in the following Query statement. > > //query database, assemble data for selectors > $Query = "SELECT s.ID, s

[PHP] Re: Posting variable in url

2003-10-29 Thread Alexander Mueller
Frank Tudor wrote: > > I have a redirect that if conditions are right it will pass the > user to a new page via $_POST. > > I am posting variables in the url and on this next page more > form stuff awaits the user. > > If a user submits incorrect stuff in the form is posts to > itself. The url

Re: [PHP] session_regenerate_id()

2003-10-29 Thread Alexander Mueller
"Cpt John W. Holmes" wrote: > > PHP 4.3.2 created a new session ID, but it didn't resend the cookie. So the > next request would include the old session ID again from the cookie. I wonder what it is then good for. Changing the id internally without notifying the client does not make much sense IM

Re: [PHP] session_regenerate_id()

2003-10-29 Thread Alexander Mueller
Curt Zirzow wrote: > > how is it not compatible with Opera? With 4.3.3 it works for IE and Mozilla, however Opera still has some problems with recognising the new id under certain circumstances. Alexander -- PINO - The free Chatsystem! Available at http://www.pino.org -- PHP General Mailing Li

Re: [PHP] session_regenerate_id()

2003-10-30 Thread Alexander Mueller
"Cpt John W. Holmes" wrote: > > If you're using sessions in the URL, then it works just fine. > > So, if PHP is less than 4.3.3, you need to use setcookie() to reset the > value of the session id yourself. If you're using 4.3.3, then you don't have > to worry about it. I see, but then I would ra
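What John Holmes suggests for PHP releases before 4.3.3, re-sending the session cookie yourself after `session_regenerate_id()`, as an added example (not code from the thread). The login form fields, `check_password()` and the redirect target are assumptions; the cookie parameters are taken from PHP's own session configuration so the replacement cookie matches the one the session extension would have set.

```php
<?php
// Added example: regenerate the session id on login and, on PHP < 4.3.3,
// push the new id to the browser by hand. check_password() and the
// URL are hypothetical.

function check_password($user, $pass)
{
    // stand-in for a real credential check
    return $user === 'alice' && $pass === 'correct horse';
}

function regenerate_session()
{
    session_regenerate_id();

    // Before 4.3.3 the id changed only on the server side: the browser kept
    // sending the old cookie, so the next request looked up a session that
    // no longer matched. Re-issue the cookie with the new id ourselves,
    // reusing the lifetime/path/domain/secure settings from php.ini.
    if (version_compare(PHP_VERSION, '4.3.3', '<') && ini_get('session.use_cookies')) {
        $p = session_get_cookie_params();
        setcookie(
            session_name(),
            session_id(),
            $p['lifetime'] ? time() + $p['lifetime'] : 0,
            $p['path'],
            $p['domain'],
            $p['secure']
        );
    }
}

session_start();

if ($_SERVER['REQUEST_METHOD'] === 'POST'
    && isset($_POST['user'], $_POST['pass'])
    && check_password($_POST['user'], $_POST['pass'])) {
    regenerate_session();                  // id issued before login is no longer the one in use
    $_SESSION['user'] = $_POST['user'];
    header('Location: http://www.example.com/home.php', true, 303);
    exit;
}

echo isset($_SESSION['user']) ? "logged in as {$_SESSION['user']}\n" : "not logged in\n";
```

On 4.3.3 and later the `if` branch never runs and the call collapses to plain `session_regenerate_id()`; when sessions are carried in the URL instead of a cookie, `session.use_cookies` is off and no cookie is sent, which matches the behaviour John describes.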