OpenID in PHP

Kristopher Tate kris at
Wed Jun 29 12:56:06 PDT 2005

What the heck are you talking about? $secret is an internal variable. 
We have Reg_globals turned off.

Haha, why do you think we're using $_GET??


On 2005/06/29, at 0:51 PM, Xageroth Sekarius wrote:

>> //Get secret
>>      $secret = shell_exec('cat
>> /tmp/oid-shared_secret-'.$_GET['openid_assoc_handle'].'.secret');
> You do know that's dangerous, right?
> Register globals is defaulted off to avoid this kind of code.

More information about the yadis mailing list