Login or Register to Ask a Question and Join Our Community


UNIX for Dummies Questions & Answers

Php

 
Thread Tools Search this Thread
Top Forums UNIX for Dummies Questions & Answers Php
# 1  
Old 07-06-2005
Php
my friend has just made a website which lets you view pages with URL like page=blah.php and stuff, iv tried to explain to him that it's bad becuase people could do page=/etc/passwd but he said he used a shadow file so is np

is there anyway this still could be exploited or is he right?
# 2  
Old 07-06-2005
Even if he is using a shadow file, that only hides the password for the account - the account information would still be in /etc/passwd - WHY give away anything?

Have him look at PHP Security mistakes
 
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. What is on Your Mind?

Saturday May 4th the Forums Will Briefly Break Testing PHP 5.6 to PHP 7.0

On Saturday May 4th the forums will briefly break when I switch our Apache PHP 5.6 module to PHP 7.0. Previously, I had two sites set up for testing the migration, but for many reasons, the second site has additional issues unrelated to PHP 7.0 so it is hard to debug on a different site and... (3 Replies)
Discussion started by: Neo
3 Replies

2. Red Hat

Update php 4.3 RPM to php 5.3.3 php

Dear All, My redhat version is: # cat /etc/redhat-release Red Hat Enterprise Linux AS release 4 (Nahant Update 4) # # uname -a Linux cotapplication3.cot.com 2.6.9-42.ELsmp #1 SMP Wed Jul 12 23:32:02 EDT 2006 x86_64 x86_64 x86_64 GNU/Linux # I want to update my php from: # php... (1 Reply)
Discussion started by: monojcool
1 Replies

3. UNIX for Advanced & Expert Users

Running multiple php scripts into one php only, cron mail alert problem...

hi, while separated they produce the usual mail alert and i can see the output... if i write into the php script: <?php system('php -f /var/www/vhosts/domain.com/httpdocs/folder/script1.php'); system('php -f /var/www/vhosts/domain.com/httpdocs/folder/script2.php'); system('php -f... (0 Replies)
Discussion started by: 7stars
0 Replies

4. Web Development

I can't open my index.php page after insert php code

Hello guys, Does anyone can help me? I've just made my simple index.php without any code, but after insert session code to check if any user is authenticated, my index.php doesn't work anymore. Any fresh eyes could help me to see what and where the code is wrong? <? if... (6 Replies)
Discussion started by: metalfreakbr
6 Replies
Login or Register to Ask a Question