<PRE>
This is a reaction from the documentation:
Arbritary Command Injection/Execution :: ALL VERSIONS
Probably another solution to prevent unauthorised access (by using variables from the global stack) are functions and classes. Each variable in a function is default local.
For example:
authorise ();
function authorise ()
{
// read $auth from database, cookie.
if ($auth == yes)
{
runsql();
header("Location:confirm.htm");
}
}
</PRE>
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Arbritary commands can be injected and executed in PHP
<PRE>
This is a reaction from the documentation:
Arbritary Command Injection/Execution :: ALL VERSIONS
Probably another solution to prevent unauthorised access (by using variables from the global stack) are functions and classes. Each variable in a function is default local.
For example:
authorise ();
function authorise ()
{
// read $auth from database, cookie.
if ($auth == yes)
{
runsql();
header("Location:confirm.htm");
}
}
</PRE>