SMF Development > Bug Reports

[2.0] encrypted attachment file names and FTP

<< < (8/8)

Arantor:

--- Quote ---what would happen if you put a file with extension php in a directory that is allowed to execute php files and you reach it from the browser or other means?
--- End quote ---

It would be executed, simple as that. For those who know their history, the word krisbarteo should be ringing alarm bells at this point.

It's also why every Source file in SMF is prefaced with a check that 'SMF' is defined and refuses to do anything else otherwise.


--- Quote ---what would happen if you put a file without extension in a directory that is allowed to execute php files and you reach it from the browser or other means?
--- End quote ---

Ordinarily, it would serve the file raw. It is possible to coerce Apache to PHP-process even that, but out of the box it won't.

MrPhil:
Another reported strike against FileZilla: http://www.simplemachines.org/community/index.php?topic=470927.msg3341292#msg3341292 (unconfirmed)

Navigation

[0] Message Index

[*] Previous page