On Friday 27 April 2007 14:26, Cristian Rodriguez R. wrote:
John D Lamb escribió:
<form method="post" action="<?php echo $SEVER['PHP_SELF']; ?>">
Sure,and then you get a free security hole.
it should say.
<form method="post" action="<?php echo $_SERVER['SCRIPT_NAME']; ?>">
or in case you **really** want to use PHP_SELF
<form method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']); ?>">
If that's true, then anyone could just grab the HTML, change the SCRIPT_NAME back to PHP_SELF, edit or add an action= attribute so the original server's URL is targeted and that server is rendered vulnerable again. So again I ask, is PHP really this unsecure? Are all the phpBB sites, all the MediaWikis (including WikiPedia) vulnerable to such a trivial exploit? I hope not... Randall Schulz -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org