It seems that if I create a php file in my dir at my hosting provider and do
include('/etc/passwd'); then wow, I see the contents of etc/passwd!Is this expected behavior??? I am looking at creating a script that takes a var in the url and includes the requested file. The purpose would be for only URLs (myscript.php?page=http://mysite.com/dir/cool.html, or relative URLs (myscript.php?page=/dir/cool.html). Can I do this without allowing someone to include files by filesystem reference??? Thanks! Shawn -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
