Logging

From GeeklogWiki
Revision as of 20:49, 11 March 2006 by Dirk (talk | contribs) (This is only a stub, but we'll have to start somewhere ...)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Be careful what you log

This may sound odd at first but you should be careful what you log (in Geeklog's error.log or your own logfile).

The problem is that PHP will happily execute any PHP code it will find in the middle of a text file (any file, actually), as long as it's properly enclosed in the <?php and ?> tags.

So while PHP code that gets logged into your error.log file is not an immediate problem, it will become a problem as soon as someone manages to include the logfile into a PHP script.


[Okay, I'm suffering from writer's block at this point. Someone more eloquent please rewrite and expand this ... Dirk 15:49, 11 March 2006 (EST)]

Retrieved from "http://wiki.geeklog.net/index.php?title=Logging&oldid=4027"