----- Original Message -----
From: "Ken Marcus - Precision Web Hosting, Inc."
<kenmarcus (at mark) precisionweb.net>
To: <coba-e (at mark) bluequartz.org>
Sent: Monday, January 26, 2009 9:50 AM
Subject: [coba-e:14875] Re: upgrade issue php4.x to 5.x
>
> ----- Original Message -----
> From: "Gerald Waugh" <gwaugh (at mark) frontstreetnetworks.com>
> To: <coba-e (at mark) bluequartz.org>
> Sent: Monday, January 26, 2009 8:05 AM
> Subject: [coba-e:14873] upgrade issue php4.x to 5.x
>
>
>> We upgraded php4.x to 5.x
>> Now this issue.
>> See;
>>
>> http://www.mezzocammin.com/iambic.php?vol=2008&iss=2&cat=emily&page=emil
>> y
>>
>> relevant lines below.
>> 440 $fh = fopen("http://www.bartleby.com/113/".$pageNum.".html",
>> "r");
>> 441 while (!feof($fh)) {
>> 442 $buffer = fgets($fh, 4096);
>> 443 $content .= " zzz " . $buffer;
>> 444
>> 445 }
>> 446 fclose($fh);
>> Any ideas why this might occur?
>> --
>> Gerald
>>
>
> Gerald
>
> In your php.ini there is an option
> allow_url_fopen = On
>
> You could turn that on.
>
> But a better solution would be to just change the script to include the
> file from a directory location like
> fopen("/home/sites/www.bartleby.com/113/".$pageNum.".html",
>
>
>>a better solution would be to
The reason to not allow it ( allow_url_fopen = On ) is that hackers use it a
lot to include files into exploitable scripts to hack your sites / servers.
----
Ken Marcus
Ecommerce Web Hosting by
Precision Web Hosting, Inc.
http://www.precisionweb.net