[pLog-svn] r6278 - in plog/branches/lifetype-1.2/class:data/validator misc test/tests/misc
Jon Daley
plogworld at jon.limedaley.com
Sat Mar 29 16:33:04 EDT 2008
On Sun, 30 Mar 2008, Mark Wu wrote:
>> I was wondering if that were the case. I convinced
>> myself that it could happen with encoded names too. The file
>> is saved a 123.php or something, right? And then as long as
>> you knew the name, you could still access it directly couldn't you?
>>
> Nope, you can't. After 1.1, we already add the .htaccess to deny the php
> execution.
Right, I meant if the name stayed uppercase. But, 1.2.6 did
lowercase the extension. The bugs must have been on the other side, not
the saving side.
More information about the pLog-svn
mailing list