On Fri, Jul 23, 2004 at 10:05:50AM +0200, Fil wrote:
And what if I send an HTML file to your list with php code included? You get a security issue here.
This only applies to the archive viewing scripts, right? It's an easy thing to disable PHP code when displaying user-generated text.
Still, you bring up a good point when considering adding this feature to the program.
Better way in my view is to write a wrapper script in php, that does the graphics and such things, then pushes the web page. You get the wrapper to work in lieu of the cgi by configuring Apache to do so (RewriteRule, or Alias).
This is an idea. Frames is another. But if you want to have access to the Mailman substitution tags as well as PHP then these ideas don't work.
-- "A dog is the only thing on earth that loves you more than he loves himself." -- Josh Billings
http://GCFL.net (The Good, Clean Funnies List): Good, clean funnies five times a week, no ads, for free!