On Sun, 16 Jan 2005, Gal wrote: > I'm Working in organization which also using php on the Windows platform. > Because of the security holes in the older version and a COM bug at PHP > 4.3.10 (http://bugs.php.net/bug.php?id=31159) we are using a problematic > version. I'd just roll back to 4.3.9 and do proper input filtering. As long as you don't pass raw user data to unserialize or do something like include "$user_data/foo" while allowing $user_data to be huge, you are fine. -Rasmus -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
