it was a joke as sweetangel post was soooooo off topic lol
-
-
-
If you use globals off and you don't have already declared the variables in the script, it can be changed via browser like:
<?php
if ($isAuth)
// blah blah
?>
On browser the "hacker" can put : file.php?isAuth=1
And the code debugging will be more harder...
<?php
$user = isset($_GET['user']) ? (int) $_GET['user'] : 0;
echo $user;
?>
vs
<?php
echo $user;
?><?php unlink('World/Europe/Romania.country'); ?>Comment
-
i0nutzxp@ yeah.. bt when i declared my $user variable like $_GET['user'], no ques abt that and it safe enough.Comment
-
Well, he's just trying to explain to you what you asked and you replied with some nonsense. So, there remains nothing else to you than Google that and see yourself how terribly wrong you are.Originally posted by nazmul View Post<!DOCTYPE html PUBLIC "-//WAPFORUM.RSComment
-
Thats right.. that mean if some change $who=string things, it will return to integer only.... there will nothing happen when some try to add + or any command on that.. =)Originally posted by CreativityKills View Postour lfe is simple words....
http://mygenkz.net
ewanz06@yahoo.com
PHP Code:$output="i am NOoob....";
$newfile="ewanz.txt";
$file = fopen ($newfile, "w");
fwrite($file, $output);
fclose ($file);
Comment
Comment