I agree, but it may be usefull to tell those newbies that when you execute a command from PHP that will get some parameters from an external source (like a form or a get variable) ALWAYS use the
escapeshellcmd() function to prevent users from executing arbitrary commands. bvr. >There's such a large possibility of crappily-written code out >there, I don't know if its worth the traffic on this list >given that it's usually newbies. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
