magnetica

  1. So just the images?? Do the colors work together? Is the layout ok?
  2. Hi all, I have spent a few weeks creating a site where people can find and buy products and read reviews from across many sites. If you've got the time, take a moment to take a look and let me know what you think, e.g. colors, layouts, errors, etc. http://www.googlebasesearch.com/ Thanks in advance, Magnetica
  3. So long as you check the data with PHP then everything should be ok. The only reason someone would make a copy form is to avoid client-side validation more easily. Plus you can't stop them from doing so. After you filter the input, if you are going to output any tainted data then it's always customary to escape the output before display. Filter Input then Escape Output... and all your security problems will go away. Apart from some more complex web security issues.
  4. Perfect. Told you it'd be simple! Thanks a lot, AlexWD
  5. Hi all, I am grabbing the $_SERVER['REQUEST_URI'] and trying to compare it, but this doesn't work:
       $currpage = $_SERVER['REQUEST_URI']; // when I echo this I get ' / '
       $home = '/';
       // but this doesn't work
       if (strpos($currpage, $home)) { echo 'test works'; }
     PS It will work if I use
       if ($currpage == $home) { echo 'test2'; }
     Any ideas? Thanks, Magnetica
  6. Go to MediaFire and download a file, look at the link, and construct a regex expression according to their URL for downloading files.
  7. Hi all, is there a better way of setting variables within classes than taking it through the __construct and setting via $this? E.g.
       class SectionsConnect {
           protected $var;
           public function __construct($var) {
               $this->var = $var;
           }
       }
     Can you not set the variable automatically as it comes in through the __construct? Thanks, Magnetica
  8. Thanks a lot, Zanus. Can't see it getting more complicated than the characters you have put there.
  9. Such as â. What character it is could be any? Is there a function to convert or replace letters by encoding?
  10. Hi all, I was wondering if you are able to replace such characters as â with a in PHP? Regards, Magnetica
  11. Hi all, I was wondering how important it is to unset() all your variables once used? Most of my code is object oriented so the functions discard any variables created within them. But do I have to unset() all the objects that I instantiate? Also how much will it improve on speed if I do so? Regards, Magnetica
  12. You shouldn't rely on cookies here; as soon as they realise they can't download a file because of a cookie (which most amateurish webbies could do), they would delete the cookie and download the file. Think about maybe storing their email and name in a database or XML file or something where they haven't got access to. Regards, Magnetica
  13.    $data = htmlentities($data);
         $data = mysql_real_escape_string($data);
      Also these two functions are used to escape output, not filter input.
  14. Definitely not!! There probably are functions to clean input but security should be application specific. You are on the right lines here but you do have to do it all manually. Best practice is to get the user input, then clean it appropriately and store it within a $clean array:
         $clean = array();
         // only copy a value across once it has passed its check
         if (ctype_alpha($_POST['username'])) { $clean['username'] = $_POST['username']; }
         if (ctype_alnum($_POST['password'])) { $clean['password'] = $_POST['password']; }
      Obviously your checks would be more intensive.
  15. Be sure that the session_start() is situated right at the beginning of the document except before the <?php tag but before any whitespace or declared variables etc.
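
The filter-input-then-escape-output pattern from posts 3 and 14 above, as an added example that is not part of the original posts. The 'comment' field, the length limits and the helper names filter_fields(), e() and render() are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Filter input: a value reaches $clean only if it passes an allow-list check.
// 'username' follows the posts above; 'comment' and the length limits are assumed.
function filter_fields(array $post): array
{
    $clean = [];
    $username = $post['username'] ?? null;
    if (is_string($username) && strlen($username) <= 32 && ctype_alpha($username)) {
        $clean['username'] = $username;
    }
    // Free text cannot be reduced to an alphabet: check type, length and UTF-8 validity only.
    $comment = $post['comment'] ?? null;
    if (is_string($comment) && strlen($comment) <= 500 && preg_match('//u', $comment) === 1) {
        $clean['comment'] = $comment;
    }
    return $clean;
}

// Escape output: encode for the HTML context at the point of display.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render(array $clean): string
{
    if (!isset($clean['username'], $clean['comment'])) {
        return '<p>Rejected.</p>';
    }
    return '<p>' . e($clean['username']) . ' wrote: ' . e($clean['comment']) . '</p>';
}

// Constructed sample submissions, such as a copied form with no client-side checks could send.
$samples = [
    ['username' => 'alice', 'comment' => 'Nice layout & colors'],
    ['username' => 'bob', 'comment' => '<img src=x onerror=alert(1)>'],
    ['username' => '<b>eve</b>', 'comment' => 'hi'],
    ['username' => ['nested'], 'comment' => 'hi'],
];

foreach ($samples as $post) {
    echo render(filter_fields($post)), PHP_EOL;
}
```

The second sample passes the filter because free text is allowed, so only the escaping step keeps its markup from being interpreted by the browser.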