Surely the lesson here is to NEVER NEVER NEVER write PHP code which accepts a filename of any kind as one of its arguments. Yes, it will make some of your code a bit less versatile and more long winded, but you can bet your bottom dollar that someone can find a crafty way around whatever syntax checking you do. Cheers -- Phil Driscoll -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
- Re: [PHP] writing a query that ret... Chris Anderson
- RE: [PHP] writing a query that... Matthew Loff
- Re: [PHP] writing a query that ret... mike cullerton
- RE: [PHP] Security of PHP code Adrian Ciutureanu
- RE: [PHP] Security of PHP code Tim Taubert
- RE: [PHP] Security of PHP code Rasmus Lerdorf
- RE: [PHP] Security of PHP code Christopher Ostmo
- RE: [PHP] Security of PHP code Richard Heyes
- RE: [PHP] Security of PHP code Hankley, Chip
- Re: [PHP] Security of PHP code Delbono
- Re: [PHP] Security of PHP code Phil Driscoll
- Re: [PHP] Security of PHP code Christopher Ostmo
- RE: [PHP] Security of PHP code Matt Williams
- Re: [PHP] Security of PHP code Tyrone Mills
- Re: [PHP] Security of PHP code Arcady Genkin
- RE: [PHP] Security of PHP code Jon Haworth
- Re: [PHP] Security of PHP code Steve Werby
- Re: [PHP] Security of PHP code Sascha Schumann
- Re: [PHP] Security of PHP code Delbono
- Re: [PHP] Security of PHP code Steve Werby
- Re: [PHP] Security of PHP code Ryan
