-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
D_C wrote:
| how about if pages could use an <include> type function, that only
| includes from the file system the server is on?
http://meta.wikimedia.org/wiki/Write_your_own_MediaWiki_extension
Be aware that directory-traversal attacks on file poorly secured file
inclusion systems are _very_ common, and can be used to pull database
passwords, user lists, and other sensitive information from a
filesystem. Be careful to validate the filenames properly.
- -- brion vibber (brion @
pobox.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (Darwin)
Comment: Using GnuPG with Thunderbird -
http://enigmail.mozdev.org
iD8DBQFB+VKjwRnhpk1wk44RAmPCAKDdEuvALTrCm63v4DX+vkMl8cGa4gCfcxrY
rFGLLmmQScxXD17bn2xjY5I=
=7zj6
-----END PGP SIGNATURE-----