I get an error stating that this line in my code is a security risk when I
code it.
require_once($PLUGINS_DIRECTORY."forum/forum.php");
here is what the explanation is:
include() or analogous is used with variable argument this can be dangerous
since variables are in many cases controlled by remote users.
the recommended soloution is to write it this way
define('SCRIPT_PATH',"/htdocs");
include ('sSCRIPT_PATH."/Foo.inc");
my question is why is the other way safer? im kinda confused..
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
