From: Matthew M. <ma...@tu...> - 2001-11-26 15:08:33
Everyone please read this article. It raises some important concerns. Namely:

Do not process a user-submitted variable without filtering it.. EVER.

Make sure user submitted uploads are checked for validity. Otherwise the file system can pull a sensitive file. Environment variables can be compromised.

--------------------------------------------------------

Anyway, I identified breaches I have coded in. Let's make sure that we avoid them in the future.

Matthew McNaney
Internet Systems Architect
Electronic Student Services
Email: ma...@tu...
URL: http://phpwebsite.appstate.edu
Phone: 828-262-6493

>Team:
>Matt says the link I sent was dead. Try this:
>http://softwaredev.earthweb.com/script/article/0,,12063_918141,00.html
>Brian