On 02/09/2011 09:54 AM, Steven Kurylo wrote: >> I understand that, the problem I have is that there isn't any way for >> unauthenticated users to upload files to this server. This makes me >> worried that we didn't patch the actual vulnerability and instead just >> patched one path to the vulnerability. > > How is $thisfile created? > > I don't see the problem in the code either. Perhaps ask on stackoverflow?
I'm not quite sure which question you are asking. If you are asking where is that variable defined on the system, then here is where $thisfile is initialized: $thisfile = ltrim(strtok(strrchr($u['path'],'/'), '?'),'/'); If you are asking how that file that's referencing is created on the filesystem, then it's done manually. I believe this is to let you provide different versions of the file in different languages if you want. There isn't any automatic way (that I know of or can find) to create those files. -- Thanks Jefferson Cowart [email protected] _______________________________________________ Tech mailing list [email protected] https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
