allow_url_fopen is not a security issue - it only returns the code,
it does not execute it.
But yes you can use curl instead of relying on allow_url_fopen.
Well, allow_url_fopen is really a security issue. A renowned programmer
(http://hasin.wordpress.com) said it could even cau
---
Use FreeOpenSourceSoftwares, Stop piracy, Let the developers live. Get
a Free CD of Ubuntu mailed to your door without any cost. Visit :
www.ubuntu.com
--
On
Kaushal Shriyan wrote:
On Tue, Mar 3, 2009 at 12:21 PM, Kaushal Shriyan
mailto:kaushalshri...@gmail.com>> wrote:
On Tue, Mar 3, 2009 at 11:52 AM, Chris mailto:dmag...@gmail.com>> wrote:
Kaushal Shriyan wrote:
Hi,
I have enabled allow_url_fopen & allow_url_
On Tue, Mar 3, 2009 at 12:21 PM, Kaushal Shriyan
wrote:
> On Tue, Mar 3, 2009 at 11:52 AM, Chris wrote:
>
>> Kaushal Shriyan wrote:
>>
>>> Hi,
>>>
>>> I have enabled allow_url_fopen & allow_url_include in php.ini file.
>>> is it a security issue ?
>>>
>>
>> allow_url_fopen means you can fetch pag
On Tue, Mar 3, 2009 at 11:52 AM, Chris wrote:
> Kaushal Shriyan wrote:
>
>> Hi,
>>
>> I have enabled allow_url_fopen & allow_url_include in php.ini file.
>> is it a security issue ?
>>
>
> allow_url_fopen means you can fetch pages:
>
> $page = file_get_contents('http://www.example.com');
>
> This
Kaushal Shriyan wrote:
Hi,
I have enabled allow_url_fopen & allow_url_include in php.ini file.
is it a security issue ?
allow_url_fopen means you can fetch pages:
$page = file_get_contents('http://www.example.com');
This is ok to enable - all it does is fetch the page. It does not
execute t
Hi,
I have enabled allow_url_fopen & allow_url_include in php.ini file.
is it a security issue ?
please help me understand about its implications.
Thanks and Regards
Kaushal
7 matches
Mail list logo