Hello All,
I am in the process of recoding a large proportion of an e-commerce site; one of the problems is that there are a few security issues floating around.
I have a search box which was originally unprotected against XSS; I was easily able to execute JavaScript and force the system to echo out HTML *holds head in hands*.
I am using this code:
$term = preg_replace('/[^a-zA-Z0-9\s]/', "", $term);
...to remove any non-alphanumeric characters (excluding spaces). I am thinking that because this will strip out any characters like ', ", <, >, /, = etc., it should make my script safe again.
Can you confirm this, or is there something that I am missing?
Many thanks
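
An added example (not part of the original post) that runs the posted filter next to output encoding with htmlspecialchars() on a few constructed search terms. The function names and the /search.php path are assumptions made for illustration.

```php
<?php
// Added example: function names, sample inputs and /search.php are constructed.

// The allow-list filter from the post, with runs of whitespace collapsed.
function filter_term(string $term): string
{
    $term = preg_replace('/[^a-zA-Z0-9\s]/', '', $term);
    return trim(preg_replace('/\s+/', ' ', $term));
}

// Encode a value for an HTML text node or a quoted attribute value.
function html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Build a results heading and a "search again" link from the raw term.
// Each output context gets its own encoding: URL first, then HTML.
function render_results_header(string $rawTerm): string
{
    $href = '/search.php?q=' . rawurlencode($rawTerm);
    return '<h2>Results for "' . html($rawTerm) . '"</h2>' . "\n"
         . '<a href="' . html($href) . '">Search again</a>';
}

// Constructed sample search terms.
$samples = [
    'blue widget 42',
    '<script>alert(1)</script>',
    'men\'s "slim-fit" jeans <32',
    'café crème',
];

foreach ($samples as $raw) {
    echo "raw:      ", $raw, "\n";
    echo "filtered: ", filter_term($raw), "\n";
    echo render_results_header($raw), "\n\n";
}
```

In the output, the filtered line shows the allow-list also dropping apostrophes, hyphens and accented letters from ordinary searches, while the encoded markup keeps the term intact and renders it as text.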