понедельник, 25 апреля 2016 г.

New PHP extensions should be hardcoded :)

PHP 6 and PHP 7 are here.
Many applications still using blacklist filtration for upload and other file operations files.
Note, that now you should add ".php6" and ".php7" to this lists.

Finally it will looks like:
.php3
.php4
.php5
.php6
.php7
.phtm
.phtml
...
We are still recommend to use while lists to enumerate safe extensions.