[EMAIL PROTECTED] wrote: > Jani Taskinen <[EMAIL PROTECTED]> writes: > >> Please troll, do you go away if I close my eyes? > > That's not fair. Russell is providing strong arguments and rebuttals for > every point. You may not agree with his points, but what he's doing is not > trolling. This discussion seems to have strong backing on both sides of the > issue.
i agree full! isnt it possible to add a check to the include*()/require*() statement that checks the parameter for existence in the superglobal $_REQUEST if the same value is found in $_REQUEST it could raise a WARNING, and notice the user about this security-leak. -- Sebastian Mendel www.sebastianmendel.de www.sf.net/projects/phpdatetime | www.sf.net/projects/phptimesheet -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
