file opening attempts would also appear in the
PHP error log, making it easier to spot such security
attacks.
Any ideas how the $md5hash KEY could be stored on localhost,
so PHP can read it, and then compare that KEY with the value
the programmer passes into the url_fopen($file, $mode, $md5hash
allow use of the above 2 functions from the
# filesystem group, but still leaving the others disabled.
...
Obviously, there must be a number of core functions that
php needs, and these probably cannot be disabled.
Would this be practical?
Kind Regards - Keith Roberts
--
PHP Internals - PHP Ru
