It was able to call up external includes using the below code which
resulted
that the server was used to send out spam.
How can I protect the code?
Is ../inc/ in the web path? $_SERVER['DOCUMENT_ROOT']
If so, then what do you mean by "external includes"? You need to move inc/
to a path unreachable by a browser yet reachable by PHP.
_________________________________________________________________
Test your celebrity IQ. Play Red Carpet Reveal and earn great prizes!
http://club.live.com/red_carpet_reveal.aspx?icid=redcarpet_hotmailtextlink2
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
