OpenID in PHP
Ted Pennings
ted at hostleft.com
Wed Jun 29 17:04:52 PDT 2005
*finally realizes this listserv doesn't send a Reply-To header*
Don't forget about > and < in the command.
I've actually had a website hacked due to something like this line of
code and > a few years ago (about 5, when I was a noob).
-Ted
---------------------------------------------------
Host Left Web Hosting http://www.hostleft.com
Ted Pennings (.com) http://www.tedpennings.com
Mobile Phone: 1.951.640.4092
AOL Instant Messenger: thesleepyvegan
On Jun 29, 2005, at 1:15 PM, Kristopher Tate wrote:
> Ah, sorry about that last bit -- gotcha.
>
> Here's a fix:
>
>> //Get secret
>> $secret = shell_exec('cat /tmp/oid-shared_secret-'
>>     . addcslashes($_GET['openid_assoc_handle'], ';.\+*?[^]($)#')
>>     . '.secret');
>
> Thanks,
>
> -Kris
>
> On 2005/06/29, at 1:02 PM, Xageroth Sekarius wrote:
>
>> secret is, but you were shell_exec'ing straight from a global
>> variable. What prevents openid_assoc_handle from being set to
>> something malicious? Maybe I misunderstood.
>
>
>
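The point of the thread, worked through as an added example (this code is not from the thread, from Kris's patch, or from any OpenID library): addcslashes() with a hand-picked blacklist is not shell escaping, so the quoted "fix" is still injectable through `>`, backticks, `|`, `$(...)`, newlines and whitespace. The file layout `/tmp/oid-shared_secret-<handle>.secret` is taken from the quoted code; the handle whitelist pattern, the `$dir` parameter and the hostile sample handles are assumptions made here for illustration.

```php
<?php
// Added example, not part of the original thread.
// Assumed layout (from the quoted code): /tmp/oid-shared_secret-<handle>.secret

// 1. The quoted "fix".  addcslashes() backslash-escapes only the listed
//    characters; >, <, |, &, backtick, $(...), newline and space pass through
//    untouched, so the shell still interprets them.  Kept vulnerable on purpose.
function command_from_blacklist(string $handle): string
{
    return 'cat /tmp/oid-shared_secret-'
         . addcslashes($handle, ';.\+*?[^]($)#')
         . '.secret';
}

// 2. If a shell must be used at all, quote the whole argument with
//    escapeshellarg(); every metacharacter in $handle becomes literal.
function command_from_escapeshellarg(string $handle): string
{
    $path = '/tmp/oid-shared_secret-' . $handle . '.secret';
    return 'cat ' . escapeshellarg($path);
}

// 3. Preferred: do not involve a shell.  Reject handles outside a narrow
//    whitelist (the pattern is an assumption), build the path, and confirm
//    with realpath() that it still resolves inside $dir before reading it.
function secret_without_shell(string $handle, string $dir = '/tmp'): ?string
{
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $handle)) {
        return null;                                   // reject, do not "escape"
    }
    $path = $dir . '/oid-shared_secret-' . $handle . '.secret';
    $real = realpath($path);
    if ($real === false || dirname($real) !== realpath($dir)) {
        return null;                                   // missing, or escaped $dir
    }
    $data = file_get_contents($real);
    return $data === false ? null : $data;
}

// Constructed hostile handles; nothing below executes a shell, the strings are
// only rendered so the difference is visible.
$redirect = 'x > /tmp/pwned';     // Ted's point: '>' is not in the blacklist
$subst    = 'x`id`';              // backticks are not in the blacklist either

echo command_from_blacklist($redirect), "\n";
//   cat /tmp/oid-shared_secret-x > /tmp/pwned.secret   -> cat's output lands in a
//   file the attacker chose
echo command_from_blacklist($subst), "\n";
//   cat /tmp/oid-shared_secret-x`id`.secret            -> the shell runs id first
echo command_from_escapeshellarg($subst), "\n";
//   cat '/tmp/oid-shared_secret-x`id`.secret'          -> single-quoted, literal
var_dump(secret_without_shell($redirect));   // NULL: whitelist rejects it
var_dump(secret_without_shell($subst));      // NULL: whitelist rejects it
```

Of the three, only the last one is a real fix: a blacklist has to enumerate every character the shell cares about (and the ones it does not care about today), while a whitelist plus a realpath() boundary check lets the file API do the work and leaves nothing for the shell to parse.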