Tuesday, June 27


Quote Of The Day

SESSION is an associative array (aka Dictionary). When the session times out, things like 'Tempfile' are no longer defined. (PHP has an unset() function that undefines a reference.) But when PHP sees an undeclared reference, it doesn't error out -- instead it substitutes '' (a blank string) if the reference occurs within a string. So now the user is executing

rm -r /var/public_www/

As you might imagine, this behavior makes PHP very dangerous in the hands of an idiot.


Posted by: Pixy Misa at 12:25 AM
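The quoted failure written the defensive way, as an added example (not code from the Daily WTF post or from this blog): the function name resolveSessionTempfile and the throwaway docroot under the system temp dir are assumptions, and the shell call is replaced by unlink() on one validated file.

```php
<?php
// Added example, not code from the quoted post. It keeps the post's
// $_SESSION['Tempfile'] and /var/public_www/ names; the function name and
// the demo directory are assumptions.
declare(strict_types=1);

// The quoted bug, reconstructed: once the session expires, 'Tempfile' is
// undefined, PHP interpolates it as '' and the command collapses to
// rm -r /var/public_www/ (shown here as a string only, never executed):
//   $cmd = "rm -r /var/public_www/{$_SESSION['Tempfile']}";

/**
 * Resolve the session's temp file to an absolute path, or null if there is
 * nothing safe to delete. The caller then calls unlink() on a single file:
 * no shell, no -r, and an expired session is a no-op instead of a wipe.
 */
function resolveSessionTempfile(array $session, string $docroot): ?string
{
    // Absent or non-string value (e.g. a timed-out session): do nothing.
    if (!isset($session['Tempfile']) || !is_string($session['Tempfile'])) {
        return null;
    }
    $name = $session['Tempfile'];
    // Only a plain file name: no slashes, no leading dot, no shell metachars.
    if ($name === '' || !preg_match('/\A[A-Za-z0-9_][A-Za-z0-9_.-]*\z/', $name)) {
        return null;
    }
    // Canonicalise both sides and require the target to be a regular file
    // strictly inside the docroot (realpath also defeats symlink escapes).
    $base   = realpath($docroot);
    $target = realpath($docroot . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $target === false || !is_file($target)
        || strncmp($target, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $target;
}

// Demo against a constructed docroot in the temp dir, not /var/public_www.
$root = sys_get_temp_dir() . '/www-demo-' . getmypid();
mkdir($root);
touch($root . '/upload-42.tmp');
var_dump(resolveSessionTempfile([], $root));                              // NULL
var_dump(resolveSessionTempfile(['Tempfile' => '../etc'], $root));        // NULL
var_dump(resolveSessionTempfile(['Tempfile' => 'upload-42.tmp'], $root)); // path
unlink($root . '/upload-42.tmp');
rmdir($root);
```

In the real handler the call would be `resolveSessionTempfile($_SESSION, '/var/public_www')` followed by `unlink()` only when the result is non-null.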

1 Ahh, the Daily WTF.  And I agree with several of the commenters in that thread...what, exactly, was the brainstorm that resulted in a 'rm -r' call in code in the first place :P

Posted by: Chris C. at Tuesday, June 27 2006 11:23 AM (V5vg4)

2 And my buddy, Dr. Heinous, wonders why I'm very, very leery of trying to learn enough PHP to actually work under the hood of WP.  I understood a little of that -- on about the fourth reading.  Not that I know a php SESSION from a gaming session.  Well, maybe I dimly grasped it when I played with .asp a few years ago, but do I want to risk my whole site on how well I understand something?  No.

'rm' is remove directory?  But what's the '-r' parameter do?

Crud, don't tell me that's root? No, wait, www_root is the site root.... recursive maybe?  But what's var?

Pardon me while I advertise my ignorance....

Posted by: ubu roi at Tuesday, June 27 2006 09:35 PM (s/dU4)

3 -r is indeed recursive.

/var is a particular filesystem that the document root really shouldn't be in.

What this little beauty did was whenever a user's session timed out, it deleted the entire web site.

Not, on the whole, a good thing.

Posted by: Pixy Misa at Tuesday, June 27 2006 10:15 PM (FRalS)

4 Well, that's a tad excessive.

Posted by: Wonderduck at Tuesday, June 27 2006 11:39 PM (+FLIL)

5 I kind of thought that might be the effect of "remove recursive" executed in the root, but do you mean to say the user didn't even have to enter anything? Just let his session time out and the order would execute? Ow.

Posted by: ubu roi at Wednesday, June 28 2006 12:05 AM (s/dU4)
