Not having read it, but I would assume that one of the recommended settings is not to extrapolate ?test=1 into $test, as this was an acknowledged source of security holes in php applications. - The point being that issues like this will come up, and it will hint to developers that they should start looking at using HTTP_POST/GET_VARS or $_GET or & $_POST.
Nadmin of course was built on the old assumtion :) regards alan Emiliano wrote: >Miles Scruggs wrote: > >>OK all up and running. Here are some things that your might want to look >>into. I used the newest php source and when I tried to use the >>php.ini-recomended to set some of the dirrectives it would break. I could >>never get a login screen, it would just break into an infinite loop. You >>might want to look into that. >> > >Hmm.... I think I've seen reports before about the 'optimized' php.ini >(whatever that is, I know they ship or shipped one with PHP) would cause >midgard not to function properly. > >Emile > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
