just stummbled across this great study by Shaun Clowes on php security, this is just the kind of information I have been looking for, thought others could also benefit from it.
http://www.securereality.com.au/studyinscarlet.txt found during google search: PHP Security cheers, joseph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]