> Last time I checked (well, a few months ago), PHP has the
> vulnerability that the user who submitted the form can
> manipulate the global namespace to let PHP pick up arbitrary
> file in the system. Can we now do safe file uploading without
> turning off register_globals?
Yes, this was fixed a
I am sorry if this is one of the FAQ.
Last time I checked (well, a few months ago), PHP has the
vulnerability that the user who submitted the form can
manipulate the global namespace to let PHP pick up arbitrary
file in the system. Can we now do safe file uploading without
turning off registe
2 matches
Mail list logo
