Note that in the last example, you could still request a dodgy file from the local server. For instance, /etc/passwd may allow you to get some encrypted passwords to run a cracking attempt against... /var/lib/mysql/mysql/user.MYD may also be a target for this kind of thing if you run mysql.
----
Manual Page -- [url]http://www.php.net/manual/en/features.remote-files.php[/url]
Edit Note -- [url]http://master.php.net/manage/user-notes.php?action=edit+33896[/url]
Delete Note -- [url]http://master.php.net/manage/user-notes.php?action=delete+33896&report=yes[/url]
Reject Note -- [url]http://master.php.net/manage/user-notes.php?action=reject+33896&report=yes[/url]