[personal profile] armtuk
From the PHP homepage:


PHP 5.2.7 has been removed from distribution
[07-Dec-2008]

Due to a security bug found in the PHP 5.2.7 release, it has been removed from distribution. The bug affects configurations where magic_quotes_gpc is enabled, because it remains off even when set to on. In the meantime, use PHP 5.2.6 until PHP 5.2.8 is later released.


This means that even if you used magic_quotes_gpc, which is evil anyway but necessary for MySQL (reasons not to use MySQL and PHP), you would have been open to an injection attack, and values containing single quotes, like O'Reilly, would have broken your site.

Can anyone say regression tests?

PHP - Not enterprise software.
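The failure described above, as an added example that is not part of the original post or PHP's own code: a query that depends on the ini setting next to a bound-parameter query that does not. Assumptions: `simulate_magic_quotes()`, `legacy_query()` and `find_author()` are hypothetical helpers, the `authors` table is constructed sample data, and an in-memory SQLite database (pdo_sqlite) stands in for MySQL.

```php
<?php
// What magic_quotes_gpc did to request input when it was honoured:
// addslashes() applied to every GET/POST/COOKIE value.
function simulate_magic_quotes(string $value, bool $enabled): string {
    return $enabled ? addslashes($value) : $value;
}

// Legacy pattern: input is pasted into the SQL text, so its safety
// depends entirely on the runtime having escaped it beforehand.
function legacy_query(string $name): string {
    return "SELECT id FROM authors WHERE name = '" . $name . "'";
}

// Config-independent pattern: the value is bound as a parameter and
// never becomes part of the SQL text.
function find_author(PDO $db, string $name): array {
    $stmt = $db->prepare('SELECT id FROM authors WHERE name = ?');
    $stmt->execute([$name]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE authors (id INTEGER PRIMARY KEY, name TEXT)');
$db->prepare('INSERT INTO authors (name) VALUES (?)')->execute(["O'Reilly"]);

$input = "O'Reilly"; // the value from the post

// SQL text the application expects when the setting is honoured
// (backslash escaping, which is MySQL's convention).
echo legacy_query(simulate_magic_quotes($input, true)), "\n";

// SQL text when the setting is silently ignored, as in 5.2.7: the
// quote in the data ends the string literal early.
$broken = legacy_query(simulate_magic_quotes($input, false));
echo $broken, "\n";

try {
    $db->query($broken);
    echo "legacy query ran\n";
} catch (PDOException $e) {
    echo "legacy query rejected by the database\n";
}

// The bound-parameter query finds the row regardless of any ini setting.
echo count(find_author($db, $input)), " row(s) via prepared statement\n";
```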