Re: Which file "Included" me?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> Did you actually try his example?
No, I could not understand it. Now I see why:1) Where would the "experienced hacker" enter the attack? Now I seethat it is the URL of the attacked site. That was not clear, I thoughthat it was being entered into some form element that I did not see inthe code.2) I thought that yoursite.com is the attacked site, and mysite.com isthe attacking site. Now I see that the author just messed up and theyboth should have been yoursite.com.
Why not just use SCRIPT_NAME then? It doesn't contain the path variables.
-- Dotan Cohen
http://what-is-what.comhttp://gibberish.co.il
א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-תا-ب-ت-ث-ج-ح-خ-د-ذ-ر-ز-س-ش-ص-ض-ط-ظ-ع-غ-ف-ق-ك-ل-م-ن-ه‍-و-يА-Б-В-Г-Д-Е-Ё-Ж-З-И-Й-К-Л-М-Н-О-П-Р-С-Т-У-Ф-Х-Ц-Ч-Ш-Щ-Ъ-Ы-Ь-Э-Ю-Яа-б-в-г-д-е-ё-ж-з-и-й-к-л-м-н-о-п-р-с-т-у-ф-х-ц-ч-ш-щ-ъ-ы-ь-э-ю-яä-ö-ü-ß-Ä-Ö-Ü

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux