On Wed, Sep 21, 2011 at 21:03, Daniel Brown <danbr...@php.net> wrote: > It never hurts to be overly cautious, but as MD5 hashes are > strictly alphanumeric (using hex characters), you won't have an issue > with injection with the code above. That is, of course, unless your > version of PHP is rebuilt without MD5 hash support, or some other > oddity that is on the outside edge of possibility. >
The rebuild without md5 is an interesting point. That sounds exactly like the type of it-will-never-happen-until-it-happens-to-me problems! Thanks for the heads up. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
