OpenID in PHP

Kristopher Tate kris at bbridgetech.com
Wed Jun 29 12:56:06 PDT 2005


What the heck are you talking about? $secret is an internal variable. 
We have Reg_globals turned off.

Haha, why do you think we're using $_GET??

-Kris

On 2005/06/29, at 0:51 PM, Xageroth Sekarius wrote:

>> //Get secret
>>      $secret = shell_exec('cat
>> /tmp/oid-shared_secret-'.$_GET['openid_assoc_handle'].'.secret');
>>
>
> You do know that's dangerous, right?
> Register globals is defaulted off to avoid this kind of code.
>
>



More information about the yadis mailing list