30 Jul
2002
30 Jul
'02
5:34 a.m.
On Tue, 30 Jul 2002, Chuq Von Rospach wrote:
What got in was -- htDig, the search engine. Which happily follows all links, including, if you let it spider phpMyAdmin, the "delete this database" links. Including the database holding all of the MySQL configuration and account info. Which causes MySQL to die. Which...
I've thought for a while that phpMyAdmin was making a mistake with GET links for all those actions--they should be POST buttons, and spiders would not be able to do this.
-Dale