--- Bob Lockie <[EMAIL PROTECTED]> wrote:
> On 01/22/03 23:22 John W. Holmes spoke thusly
>
> > Pretty sure this is an Apache2/PHP bug. It was
> > discussed on here in the past few days.
> >
>
> I tried Apache 2.0.44 and PHP 4.3 and it still doesn't
> work. :-(
Apache 2.0.44 == Apache2
Chris
--
On 01/22/03 23:22 John W. Holmes spoke thusly
Pretty sure this is an Apache2/PHP bug. It was discussed on here in the
past few days.
I tried Apache 2.0.44 and PHP 4.3 and it still doesn't work. :-(
---John W. Holmes...
PHP Architect - A monthly magazine for PHP Professionals. Get your copy
Pretty sure this is an Apache2/PHP bug. It was discussed on here in the
past few days.
---John W. Holmes...
PHP Architect - A monthly magazine for PHP Professionals. Get your copy
today. http://www.phparch.com/
> -Original Message-
> From: Bob Lockie [mailto:[EMAIL PROTECTED]]
> Sent: We
Since original poster requests where to look.
http://www.php.net/manual/en/language.variables.external.php
PHP manual is great reference for PHP programmers. If you haven't read, it is
recommended to read.
Another link in zend.com
http://www.zend.com/zend/tut/
There are many useful links in www.z
> abc.com?client_no=5
>
> Now even though if that person emails you that url, you won't gain
> access to it bascause of authentication that is needed, what can happen
> is an authorized user could change the 5 in the url to 8, and then see
> the information that is there which belongs to client
It would be better to use randomly generated strings for your client ids
e.g. md5(uniqid(rand()));
This would be must harder for another use to guess.
Even better would be to store your users details in a session variable so
that the id will never appear in the url at all.
e.g. a very basic ex
6 matches
Mail list logo
