Hello All,
I am in the process of recoding a large proportion of an e-commerce site. One of the problems is that there are a few security issues floating around.
I have a search box which was originally unprotected against XSS; I was easily able to execute JavaScript and force the system to echo out HTML *holds head in hands*.
I am using this code:
$term = preg_replace('/[^a-zA-Z0-9\s]/', "", $term);
...to remove any non-alphanumeric characters (excluding spaces), I am thinking because this will strip out any characters like ', ", <, >, /, = etc, it should make my script safe again.
Can you confirm this, or is there something that I am missing?
Many thanks
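
As an added example (not code from the original post): the filter from the post next to encoding at the point of output with htmlspecialchars(), run over constructed search terms so the effect of each on legitimate input is visible. The helper names filter_term(), h() and render_search() and the sample terms are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// The filter from the post: keep ASCII letters, digits and whitespace only.
// Note that \s also keeps tabs and newlines, not just the space character.
function filter_term(string $term): string
{
    // preg_replace() returns null on a PCRE error; treat that as an empty term.
    return preg_replace('/[^a-zA-Z0-9\s]/', '', $term) ?? '';
}

// Output encoding for HTML text and quoted-attribute contexts.
// ENT_QUOTES encodes both ' and "; ENT_SUBSTITUTE replaces invalid UTF-8
// sequences instead of returning an empty string.
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper: echoes the term back and refills the search box.
// The value attribute is always double-quoted so the encoding above applies.
function render_search(string $term): string
{
    return '<p>Results for: ' . h($term) . '</p>' . "\n"
         . '<input type="text" name="term" value="' . h($term) . '">';
}

// Constructed sample inputs, not taken from the site in the post.
$samples = [
    'blue widgets',
    "O'Reilly & Sons 10\" rack",
    'café crème',
    '<b>bold</b>',
    "line1\nline2",
];

foreach ($samples as $raw) {
    printf("raw:      %s\n", json_encode($raw, JSON_UNESCAPED_UNICODE));
    printf("filtered: %s\n", json_encode(filter_term($raw), JSON_UNESCAPED_UNICODE));
    printf("encoded:\n%s\n\n", render_search($raw));
}
```

The filtered column shows what the allow-list costs in search quality (apostrophes, ampersands and accented letters are dropped), while the encoded output keeps the term intact and renders it as text in both the paragraph and the quoted attribute.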