http://www.randomhacks.net/articles/2002/07/22/yet-another-php-hole en-us 40 Technology and Other Fun Stuff <p><a href='http://news.com.com/2100-1001-945480.html'>A new security problem</a> has been discovered in PHP 4.2.x. This is not the <a href='http://news.com.com/2100-1001-847092.html'>first</a> major hole in PHP, and it probably won't be the last.</p> <p>Even if your PHP runtime is secure, it's <a href='http://old.lwn.net/2001/0704/a/study-in-scarlet.php3'>really hard</a> to write secure PHP scripts. There's so many things that can go wrong--malicious users setting "internal" global variables, <a href='http://www.phpadvisory.com/advisories/view.phtml?ID=7'>SQL injection</a> attacks, ".inc" files containing passwords, and a whole host of other all-to-common bugs.</p> <p>Just say no.</p> Mon, 22 Jul 2002 00:00:00 -0400 urn:uuid:08169500-de0a-445f-9d5d-4e24aa591107 Eric http://www.randomhacks.net/articles/2002/07/22/yet-another-php-hole Security http://www.randomhacks.net/articles/trackback/14