I am sorry if this is one of the FAQ.
Last time I checked (well, a few months ago), PHP has the
vulnerability that the user who submitted the form can
manipulate the global namespace to let PHP pick up arbitrary
file in the system. Can we now do safe file uploading without
turning off
Last time I checked (well, a few months ago), PHP has the
vulnerability that the user who submitted the form can
manipulate the global namespace to let PHP pick up arbitrary
file in the system. Can we now do safe file uploading without
turning off register_globals?
Yes, this was fixed a
2 matches
Mail list logo