Oops, sorry to hear that.
Some scumbag always spoils it for everyone :-(
Looks like you can enable it if you really need it
though..
Mag
--- lists <[EMAIL PROTECTED]> wrote:
> I"m kinda bummed, I tried to us it last night and
> discovered I could
> not use it because Pair Networks disables the
> ability, can't include
> either.
>
> from their newsletter:
>
> "Lately, the most common method of exploit has been
> to pass a variable
> to a PHP script which does not sufficiently check
> the variable's value.
> The variable is then used in a "require" or
> "include" statement, and
> the variable contents cause malicious code to be
> fetched from a remote
> location instead of from a local file, as the author
> intended. This
> type of exploit is easily blocked by setting the
> allow_fopen_url
> configuration value to "Off." We have recently
> adopted this change
> globally; if you have a script that requires the
> ability to open remote
> URLs, you can re-enable this functionality. Before
> doing so, please
> make sure you are checking all user-supplied data
> carefully."
>
>
>
>
> On Oct 11, 2004, at 8:17 AM, Greg Donald wrote:
>
> > On Mon, 11 Oct 2004 07:24:03 -0700 (PDT), Mag
> <[EMAIL PROTECTED]> wrote:
> >> $url=file_get_contents("http://www.yahoo.com/";);
> >>
> >> The thing is, it takes quite some time (2-5 secs)
> >> before the contents are in my program (I am using
> my
> >> local webserver on my desktop for testing...not a
> >> webserver)
> >>
> >> My questions are for you more experienced guys...
> >> is there anyway to 'quicken' the process or is
> this
> >> normal?
> >> do you recommend anything other than
> >> file_get_contents() ?
> >> and lastly, is this a resource intensive hog?
> >
> > The 2-5 seconds is most likely a DNS lookup. You
> can speed it up by
> > using a local caching DNS server or the IP
> address, or possibly a DNS
> > server under less load.
> >
> > file_get_contents() is fairly new and and
> therefore not very backwards
> > compatible with older PHP installs as a result.
> It's handy and all,
> > but I found our production servers were running a
> PHP too old to use
> > it one day last week when I tried.
> >
> >
> > --
> > Greg Donald
> > Zend Certified Engineer
> > http://gdconsultants.com/
> > http://destiney.com/
> >
> > --
> > PHP General Mailing List (http://www.php.net/)
> > To unsubscribe, visit:
> http://www.php.net/unsub.php
> >
>
> --
> PHP General Mailing List (http://www.php.net/)
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>
=====
------
- The faulty interface lies between the chair and the keyboard.
- Creativity is great, but plagiarism is faster!
- Smile, everyone loves a moron. :-)
_______________________________
Do you Yahoo!?
Declare Yourself - Register online to vote today!
http://vote.yahoo.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
