Results 1 to 3 of 3
August 9th, 2007, 06:00 PM #1
finally found a place to post this
- Join Date
- August 4th, 2007
I forwarded my concerns on to Michele, but thought I might ask in this forum as well.
This past week I disovered a very disturbing fact about the .php get data script when my web host decided to upgrade to php5. I guess there is a bad security hole in using the line "include($URL)" because it is calling an include from an offsite location. I can't explain it, so this simple explain page about it might help:
Well, php5 closes this hole, but in doing so it completely shut down all my listings with GoldenCan. My web host backed off the upgrade and it was fine again, but I still had to figure out how to get around the "include" because it is a security flaw.
I use OScommerce as just an organizing sitebuilder, but this .php flaw is in code and not per version of ecommerce solution. I sent an example using .php 'curl' to Michele and they are looking at it...........
So far, it appears curl does the trick on GoldenCan's script....at least mine is still working now after the web host upgrade.............
August 9th, 2007, 06:41 PM #2
I use curl. Seems to work.
August 16th, 2007, 12:23 AM #3
- Join Date
- May 30th, 2005
By fabeddie in forum Introduce YourselfReplies: 5Last Post: December 18th, 2007, 11:30 AM
By KeithAWatson in forum Introduce YourselfReplies: 7Last Post: December 4th, 2006, 12:45 PM
By RobGraves in forum Introduce YourselfReplies: 2Last Post: February 4th, 2005, 04:08 PM