Just never do it period...that is the best habit to have...
That is poor coding on the programmers part...
On Fri, 2002-11-15 at 00:59, Maxim Maletsky wrote:
> using this method for a production environment is incredibly vulnerable.
> Just think of having a link on that page to some other site (o
using this method for a production environment is incredibly vulnerable.
Just think of having a link on that page to some other site (or even having
a third-party banner displayed) on which there is a hit counter (and on
90% there are) those can simply read the link in their logs.
Never ever use
I've tried both methods without success.
header("Location: http://(user):(pass)@www.mysite.com"); does the transfer
but I still get prompted for a username and password by Apache
readfile("http://(user):(pass)@www.mysite.com"); brings a warning message.
Warning: readfile("http://...@;www.mysite
very true :)
thx - I will keep that in mind...
"Chris Shiflett" <[EMAIL PROTECTED]> schrieb im Newsbeitrag
news:3DC71CBE.2050703@;php.net...
> You can "hide" URLs by fetching them with one of your own PHP scripts:
>
>
> readfile("http://user:password@;www.site.com/");
> ?>
>
> I think it might
You can "hide" URLs by fetching them with one of your own PHP scripts:
http://user:password@;www.site.com/");
?>
I think it might be at least better than frames. :-)
Chris
silver wrote:
you could use this URL syntax:
http://user:password@;www.site.com to automatically log your user in to the
hi - I'm not quite sure if this will help you, but lets give it a try:
you could use this URL syntax:
http://user:password@;www.site.com to automatically log your user in to the
htaccess protected area. the bad thing about it is that user / password show
up in the URL, but you could hide this inf
6 matches
Mail list logo
