Hi everyone,

I am not much of a PHP'er although I can get the jist of what a script does.

However I found a nice little email script to download which works perfectly. The author has placed a link at the bottom of the script until the user buys it, which is fine with me as Im using it on a non-commercial site. He also has an encrypted file which he uses to create said link at the bottom of the form. I am a little wary of what else is happening in the encrypted link.

How could I go about checking to make sure no e-mails are getting sent to him with passwords or urls etc?

Is it possible or should I steer clear?

Also possibly a tad off topic, but does anyone know what:

AuthGroupFile /dev/null
AuthName Foo
AuthType Basic

<Limit GET POST PUT>
 deny from all
</Limit>

in a .htaccess file does?

Thanks for any pointers!

F-G

    Personally, I would not use anything that passes personnal information from one point to another if I don't know what all the scripts are doing. I would dump the script.

      Originally posted by flash-genie
      Also possibly a tad off topic, but does anyone know what:

      
<Limit GET POST PUT>
 deny from all
</Limit>

      in a .htaccess file does?

      Thanks for any pointers!

      F-G [/B]

      Methinks, but IANAE, that this particular snippet is attempting to ensure that no one ... no one, can use HTTP POST GET or PUT on $X, for some value of the pages on this server.

      Seems like that'd make the site fairly useless, though. Although I'd not want PUT, personally....

      As for the rest, 'fraid I can't say, or won't; not sure which. I'm pretty an*l about security, so I'd tend to agree with Frederick....

        Write a Reply...