Analyzing an application with the RIPS tool, I found that the main menu part uses these functions below and is extremely vulnerable:
extract( $_POST );
extract( $_GET );
extract( $_SESSION );
What is the best way to replace the functions above without interfering with the application?
You would have to do the assignments manually or, depending on the code, isolate it in a function with extract(); at least this reduces the scope of the variables. – rray
Do you have an example that can help me? – hulckb
The simplest example would be $nome = $_POST['nome']. Is it a lot of code? – rray
Yes, it is in several files. – hulckb
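
An added example (not from the thread or from the application) of the two approaches mentioned in the comments: reading only allowlisted keys, and confining `extract()` to a function. The names `pick_input()` and `render_menu()` and the keys `pagina` and `isAdmin` are hypothetical, and the sample array is constructed to stand in for `$_POST`; the same helper works for `$_GET` and `$_SESSION`.

```php
<?php
declare(strict_types=1);

/**
 * Return only the allowlisted keys from a request array.
 * $allowed maps each permitted key to its default, so callers never
 * read an undefined variable. Hypothetical helper, not part of PHP.
 */
function pick_input(array $source, array $allowed): array
{
    $out = [];
    foreach ($allowed as $key => $default) {
        $value = $source[$key] ?? $default;
        // Fall back to the default when an array (e.g. nome[]=x) arrives
        // where a scalar is expected.
        $out[$key] = is_scalar($value) ? (string) $value : $default;
    }
    return $out;
}

/** Menu code isolated in a function: variables created here stay local. */
function render_menu(array $post, bool $isAdmin): string
{
    $in = pick_input($post, ['nome' => '', 'pagina' => 'home']);
    // Optional: keep the short variable names the old code relied on.
    // EXTR_SKIP never overwrites a variable that already exists in scope.
    extract($in, EXTR_SKIP);
    $label = htmlspecialchars($nome, ENT_QUOTES, 'UTF-8');
    return sprintf('%s|%s|%s', $label, $pagina, $isAdmin ? 'admin' : 'user');
}

// Constructed request body standing in for $_POST.
$post = ['nome' => 'Ana', 'pagina' => 'perfil', 'isAdmin' => '1'];

// Before: extract() in the current scope uses EXTR_OVERWRITE by default,
// so any key in the request can define or replace a local variable.
$isAdmin = false;
extract($post);
var_dump($isAdmin);

// After: only 'nome' and 'pagina' are read; every other key is ignored.
echo render_menu($post, false), PHP_EOL;
```

With many files to change, the allowlist passed to `pick_input()` can be built per file from the variables that file actually uses.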