('binary' encoding is not supported, stored as-is) In-Reply-To: <20020718203227.15908.qmailat_private> frog- AFAIK if magic quotes is on the only way you could get through would be with the code below....if it is off then you could pass straight through, but from your output I would guess that your server has magic quotes on <? //this would be _very_ bad code for a coder to use eval(stripslashes($evalu)); printf("<br>echo=%s",$evalu); ?> a valid test string would be: script.php?evalu=echo%20"start%20";system("ls");echo%20"end"; so in your case magic quotes are enabled and you are dealing with a straight eval()...then I belive wont be able passthru please correct me if I'm wrong, -Slow2Show- University of Florida
This archive was generated by hypermail 2b30 : Thu Jul 18 2002 - 21:03:11 PDT