Re: [PHP] Safety with PHP.

Marthe, if you post the script we can all get to the bottom of this pretty quickly. You have a lot of expertise here ready to help. Just copy and paste it into your email. BTW, you should remove it from your site before you post it, if at all possible. Good luck.

Re: [PHP] Safety with PHP.

This is not PHP problems but it's a programming problems. Just paste your code here and remove the original one on you site. Many people here will help. -- -Tuna- ""Marthe Kristiansen"" [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hey you guys! I'm a new

RE: [PHP] Safety with PHP.

Marthe, How was the script executed and under what user privileges? Was it executed by a client from a browser or was it executed directly from the command line? PHP is a server-side scripting language (that can also be configured to execute as a standalone language). Your clients should not be

Re: [PHP] Safety with PHP.

Not much to go on here. Basically don't do whatever it was you did. And yes, understanding the environment you are working in, both the OS and PHP and whatever 3rd party stuff you hook PHP up to is the first step to making stuff secure. -Rasmus On Tue, 3 Apr 2001, Marthe Kristiansen wrote:

Re: [PHP] Safety with PHP.

Hey Marthe, Do you know what he did? The problem may not have been a "PHP" problem as much as a design or security issue...if you could include some code, or tell us what he actually did, we might be able to explain a) why its a problem or b) why its not a PHP issue... best regards, jack Marthe

RE: [PHP] Safety with PHP.

PROTECTED]] Sent: Tuesday, April 03, 2001 7:44 AM To: Marthe Kristiansen Cc: Php-General Subject: Re: [PHP] Safety with PHP. Not much to go on here. Basically don't do whatever it was you did. And yes, understanding the environment you are working in, both the OS and PHP and whatever 3rd party stuff

RE: [PHP] Safety with PHP.

So you wrote a script that took a filename as an argument somehow and did something with it? That's always going to be insecure unless you do a lot of error checking on it. -Rasmus On Tue, 3 Apr 2001, Marthe Kristiansen wrote: Well, since I'm a newbie and also Norwegian it ain't that easy to

RE: [PHP] Safety with PHP.

]] Sent: Monday, April 02, 2001 10:54 PM To: Marthe Kristiansen Cc: Php-General Subject: RE: [PHP] Safety with PHP. So you wrote a script that took a filename as an argument somehow and did something with it? That's always going to be insecure unless you do a lot of error checking

RE: [PHP] Safety with PHP.

Kristiansen Cc: Php-General Subject: RE: [PHP] Safety with PHP. So you wrote a script that took a filename as an argument somehow and did something with it? That's always going to be insecure unless you do a lot of error checking on it. -Rasmus On Tue, 3 Apr 2001, Marthe Kristiansen wrote

RE: [PHP] Safety with PHP.

:05 PM To: Php-General Subject: RE: [PHP] Safety with PHP. Is there an easy way to do this when I'm so new at this that I don't quite understand what I'm doing wrong and how to prevent all those mistakes in the beginning? /Marthe -- PHP General Mailing List (http://www.php.net

Re: [PHP] Safety with PHP.

@ 1:54:08 AM on 4/3/2001, Rasmus Lerdorf wrote: RL So you wrote a script that took a filename as an argument somehow and did RL something with it? That's always going to be insecure unless you do a lot RL of error checking on it. ... RL On Tue, 3 Apr 2001, Marthe Kristiansen wrote: ...