Marthe,
How was the script executed and under what user privileges? Was it executed
by a client from a browser or was it executed directly from the command
line?
PHP is a server-side scripting language (that can also be configured to
execute as a standalone language). Your clients should not be
This is not PHP problems but it's a programming problems.
Just paste your code here and remove the original one on you site.
Many people here will help.
--
-Tuna-
""Marthe Kristiansen"" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hey you guys!
>
> I'm a
Marthe, if you post the script we can all get to the bottom of this pretty
quickly. You have a lot of expertise here ready to help. Just copy and
paste it into your email.
BTW, you should remove it from your site before you post it, if at all
possible.
Good luck.
..
@ 1:54:08 AM on 4/3/2001, Rasmus Lerdorf wrote:
RL> So you wrote a script that took a filename as an argument somehow and did
RL> something with it? That's always going to be insecure unless you do a lot
RL> of error checking on it.
...
RL> On Tue, 3 Apr 2001, Marthe Kristiansen wrote:
...
>>
02, 2001 11:05 PM
> To: Php-General
> Subject: RE: [PHP] Safety with PHP.
>
>
> Is there an easy way to do this when I'm so new at this that I don't quite
> understand what I'm doing wrong and how to prevent all those
> mistakes in the
> beginning?
4 AM
To: Marthe Kristiansen
Cc: Php-General
Subject: RE: [PHP] Safety with PHP.
So you wrote a script that took a filename as an argument somehow and did
something with it? That's always going to be insecure unless you do a lot
of error checking on it.
-Rasmus
On Tue, 3 Apr 2001, Mart
[EMAIL PROTECTED]]
> Sent: Monday, April 02, 2001 10:54 PM
> To: Marthe Kristiansen
> Cc: Php-General
> Subject: RE: [PHP] Safety with PHP.
>
>
> So you wrote a script that took a filename as an argument somehow and did
> something with it? That's always going to be inse
So you wrote a script that took a filename as an argument somehow and did
something with it? That's always going to be insecure unless you do a lot
of error checking on it.
-Rasmus
On Tue, 3 Apr 2001, Marthe Kristiansen wrote:
> Well, since I'm a newbie and also Norwegian it ain't that easy to
to:[EMAIL PROTECTED]]
Sent: Tuesday, April 03, 2001 7:44 AM
To: Marthe Kristiansen
Cc: Php-General
Subject: Re: [PHP] Safety with PHP.
Not much to go on here. Basically don't do whatever it was you did. And
yes, understanding the environment you are working in, both the OS and PHP
and whatever
Hey Marthe,
Do you know what he did? The problem may not have been a "PHP" problem
as much as a design or security issue...if you could include some code,
or tell us what he actually did, we might be able to explain a) why its
a problem or b) why its not a PHP issue...
best regards,
jack
Marthe
Not much to go on here. Basically don't do whatever it was you did. And
yes, understanding the environment you are working in, both the OS and PHP
and whatever 3rd party stuff you hook PHP up to is the first step to
making stuff secure.
-Rasmus
On Tue, 3 Apr 2001, Marthe Kristiansen wrote:
>
11 matches
Mail list logo
