rotsen at gmail.com
Wed Oct 25 10:53:39 EDT 2006
Daniel thanks for your help.
I can tell you that this is not user input but I was printing
variable to try to debug the problem.
I do not know what typos you are referring to since those lines
of code worked, can you tell me what typos you are talking about.
Putting the quotes around the $form is not necessary but is not ilegal.
The problem I found in calling the "FIle($file)". $file will include a file
check for session information and it will send the page to a login page.
I found the problem as soon as I went home when I was thinking about it
while eating dinner (ha, ha,..)
Thanks for your help,
On 10/24/06, Daniel Convissor <danielc at analysisandsolutions.com> wrote:
> Hi Nestor:
> On Mon, Oct 23, 2006 at 04:58:59PM -0700, N?stor wrote:
> > $from = $_SERVER['HTTP_REFERER'];
> > print "refer=|" . $_SERVER['HTTP_REFERER'] . "|<br>\n";
> > print "from=|" . $from . "|<br>\n";
> > ---
> > refer=|http://maggie.sdcwa.org/eng/project/view_project.phtml|
> > form=|http://maggie.sdcwa.org/eng/project/view_project.phtml|
> > The problem is that if I use the code below to read the file then
> > $lines is empty.
> > $lines = file("$from");
> First, let me say this is a VERY VERY VERY bad idea for security
> reasons. Never use user input for stuff like that.
> Second, from the typos you have above, it is clear your example shown
> here is produced by typing rather than not copying and pasting. So we
> can't diagnose what's really happening.
> Third, putting the quotes around $from in that last line is not
> Fourth, it seems like it's actually working because the call to file()
> is not throwing an error, right? [Or are you going to pull one of
> those "Oh, yeah, I forgot to say, the Check Engine light is on"
> situations that happened on "Car Talk" a few weeks ago?] Thus if
> $lines is empty, the file is empty.
> T H E A N A L Y S I S A N D S O L U T I O N S C O M P A N Y
> data intensive web and database programming
> 4015 7th Ave #4, Brooklyn NY 11232 v: 718-854-0335 f: 718-854-0409
> New York PHP Community Talk Mailing List
> NYPHPCon 2006 Presentations Online
> Show Your Participation in New York PHP
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the talk