Re: [PHP-DEV] PHP-taint update

2007-08-10 Thread Guilherme Blanco
Hi,
@Graham: It will probably be one of the two:
1- Overwrite the superglobal indexes ( $_GET['foo']->asFloat() )
2- Use a method/class to taint the value ( taint_float( $_GET['foo'] ) )
I illustrated both and why both have their drawbacks.
@Richard: I already read Marco's article. My implemen

Re: [PHP-DEV] PHP-taint update

2007-08-10 Thread Richard Quadling
On 10/08/07, Guilherme Blanco <[EMAIL PROTECTED]> wrote:
> Hi,
>
> It seems you had an interesting idea, but AFAIK it'll not be incorporated
> in core by PHP Team.
> Yeah, sounds bad, but you cannot simply turn all variables into
> objects and try to get them.
>
> Seems you're trying something like th

Re: [PHP-DEV] PHP-taint update

2007-08-09 Thread Guilherme Blanco
Hi,
It seems you had an interesting idea, but AFAIK it'll not be incorporated in core by PHP Team.
Yeah, sounds bad, but you cannot simply turn all variables into objects and try to get them.
Seems you're trying something like that:
$_GET['foo']->asString(); // echo: Bar
This will never happen, PH

[PHP-DEV] PHP-taint update

2007-08-09 Thread Wietse Venema
Late last year I started a discussion on this list with a proposal to add Perl/Ruby-like taint support to PHP - a feature that a developer may turn on to find out where to insert explicit cleaning operations to avoid code injection etc. vulnerabilities. With applications that are explicitly writte