Re: allow_url_fopen & allow_url_include

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




    allow_url_fopen is not a security issue - it only returns the code,
    it does not execute it.

    But yes you can use curl instead of relying on allow_url_fopen.


Well, allow_url_fopen is really a security issue. A renowned programmer (http://hasin.wordpress.com) said it could even cause DoS(Denial of Service) for the running server.

So can curl.

--
Postgresql & php tutorials
http://www.designmagick.com/


--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php


[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux