Am 07.05.2016 um 11:02 schrieb Werner Flamme:
2016-05-05 22:28 Wolfgang Mueller:
This afternoon, I have found a simple trick to use $_GET[] without reprogramming the whole scripts. It is just sufficient to put a line in the beginning of ever script that attributes the values submitted in the URL to the homonymous variable:
$param1 = $_GET["param1"]; $param2 = $_GET["param2"]; etc.
I already tested it with three scripts, and it seems to work pretty well.
You beg for punishment, don't you? :) I hope those scripts are not accessible from the web. Or that they don't run on a host where productive data is kept. Taking input without sanity checks is... dangerous.
... I thought the same on first sight. But then again, as he uses his old scripts I guess the adequate tests will follow using his variable names. With just "$param1 = $_GET["param1"];" as much as I know nothing can happen. Important is what follows, i.e. how he uses these variables, and I guess he id not put these things in the post to not bloat it... Daniel -- Daniel Bauer photographer Basel Barcelona http://www.daniel-bauer.com room in Barcelona: https://www.airbnb.es/rooms/2416137 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org