[nycphp-talk] $_SERVER['PHP_SELF'} not working?
George Schlossnagle
george at omniti.com
Thu Jul 21 11:28:50 EDT 2005
On Jul 21, 2005, at 11:27 AM, Aaron Fischer wrote:
>>
>
> I see, thanks. So the jist of it is that in PHP 5 the user can still
> pass bad stuff to PHP_SELF through the query string if they use the /
> token.
In PHP4 too. They behave the same, my original comment was a typo/
thoughto.
>
> I'm interested in learning more about security stuff and
> filtering/cleansing user data. Checking out Tim's link...
It's important stuff to know. Great power/great responsibility, etc.
etc.
George
More information about the talk
mailing list