Christopher Kunz wrote:
If you filter user input correctly, there's absolutely nothing to worry. You might, however, want to check out the Hardening Patch for PHP (http://www.hardened-php.net/, shameless plug) which permits include()
"disallows", of course. It has been a long week, I apologize. --ck _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/