Distant_storm

I believe they use CURL which is a networking tool which can search other webpages aswell as your own for text. hmm im not entirly sure there are many methods.

Ok I have read alot of books, and the overall message I always seem to get about navigation systems is that its fairly unsafe to use the GET METHOD. As I know that you are all VERY VERY clued up on security here and I know no security is fully protected but how safe would this code be... <?php if (!isset($_GET['page_id'])) { header("LOCATION:index.php?page_id=1"); } $page_id=addslashes($_GET['page_id']; $page_id=strip_tags($_GET['page_id']; if (!ctype_digit($page_id)) { exit(); } Then from there the page is displayed on screen by getting the page content from a database using the page_id variable. Im just oblivious to any other stuff that could be cracked with a system like that, I understand there are ways and im pretty sure you lot know every way. So if you could please advice me on any improvments on security wise. Thanks Noobie Phpfreaks.com

Thanks for all your help people massive amount of responses. I have used some cookie settings. The data isnt that at risk so its not so important to use sessions although I am always looking to improve on php so sessions cookies is something i must read up on. I think in the code i posted up above I forgot to increase the cookie max lifetime more than the gc maxlifetime. Thanks alot for people who put in alot of detail really cleared things up for me Great support from you lot !

Ahh well in that case Id prefer to use cookies. Does anyone know how to stop cookies from expiring after the browser is closed ? so forgetting sessions all together and just cookies instead. Sorry if this topic is already covered elswhere

How can I get it to stop ending the session when the browser closes. If this code is somewhere and presented simply in another post feel free to redirect me to it. Thanks.

I have a problem with my sessions, it is for storing very simple data. a) name b) ip c) time my set up of the session ini goes as so... ini_set('session.gc_maxlifetime', time() + 300); ini_set('session.cookie_lifetime', time() + 300); session_start(); $_SESSION['name'] = "name"; $_SESSION['ip'] = $_SERVER['REMOTE_ADDR']; $_SESSION['time'] = time(); Now when checking these i use this if (!isset($_SESSION['name'])) { set session balh blah with the above ini settings } else { retrive the values } ok so is their any reason why that should everytime i close my browser start a new session? Its nothing to do with my cookie settings on my computer because all other sites are fine. Much apreciated for your help Matt

fixed thanks alot guys , im gonna delete the code to not take up space on the database :)

ok ive fixed that now a new error ive marked line 219 :( and jesus you guys n girls are fast id only just posted and i had a reply thanks alot for your help already

post resolved

ok I want any letter or number . full stop + pluss sign = equals sign , comma ' apos : ; ( ) & £ " ! ? thats all i want to allow if you could sort that out for me or teach me that would be an amazing help. p.s im not totaly dum been programming php for about 2 years self taught "looks proud"

ok heres the thing I want to make a function that validates a string thats sent to it here is what i have after fiddling. $input=$_GET['input']; function validate($make) { if (eregi('(^[a-zA-Z0-9.'])|([:punct:])$',$make)) { print "no error found"; } else { print "error found"; } } validate($input); and yet i get stupid error messages . If anyone can type out the regular expression that !!!! ONLY ALLOWS any letter or number or any punct marks and any space !!!!! This is to stop stupid ascii characters etc if you could message me when you reply thanks