Hi!
> I'm sure you have seen the same code in JSON hijack countermeasure.
>
> while(1){}
I think you misunderstood what I means. What I meant is you can inject
code without <? the same way you can inject code with <?, so where's the
improvement?
kill() function would be just an example of code being injected by
hostile third party (intent on killing your server, presumably). If I
can inject it with <?, what prevents me from injecting without <? ?
--
Stanislav Malyshev, Software Architect
SugarCRM: http://www.sugarcrm.com/
(408)454-6900 ext. 227
--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
