On Thu, 2003-04-03 at 12:43, Yoss wrote: > Why PHP is parsing file with ".php.txt" extension? I think that is a > security hole, because in easy way we can imagine that thereis php > script that should allow to upload only .txt files. 99% of coders will > check this with /.+?\.txt$/ because this is logic, that php script is > everything what ends with ".php". > Is there any way to prevent such a situation that not only /.+?\.php/ is > parsed by PHP? > If you need any additional informations (config files, or something) let > me know, I will send it with pleasure.
Did you enable content negotiation ?? If yes, then that is likely to cause your problem. -- Tot ziens, Bart-Jan
