[Test This Site]

hmm...  I have it so they only can upload images.  I wonder why...

[Test This Site]

i did.  I think i fixed it for good now, could you make sure?

[Test This Site]

ok now try.

[Test This Site]

im working on doing that right now

[Test This Site]

ok

[Test This Site]

No like:

$var = mysql_real_escape_string($var);

$var = strip_tags('$var');

[Test This Site]

the alerts still worked. :'(

[Test This Site]

yes, but it seems that strip_tags didn't work... 

[Test This Site]

jpeg, png, and gif

[Test This Site]

YES!

Any other issues you see?

[Test This Site]

i added strip tags to the rest of it.  Try it now.

[Test This Site]

OK

[Test This Site]

why not htmlentities()?

[Test This Site]

Oh i see the problem.

[Test This Site]

how?  How can i block the alerts?

[Test This Site]

could you test it again? I think i fixed it.

[Test This Site]

on all $_GET things?  Because I used it on $_POST

[Test This Site]

Should I use the htmlentities() function to do so?

[Test This Site]

Should I just not allow links?

[Test This Site]

i deleted everything in the table.

[Test This Site]

Go to http://possal.freehostia.com/members.  From there login and go to view posts.  You will see an edit option

[Test This Site]

You created 2000 rows with the <script> somehow.

[Test This Site]

Edit post for?

[Test This Site]

I am currently hosting this site on a free server until I get all the bugs out so I know it will be secure on a paid one.  Could you please help me find some vulnerabilities and inform me about them.  I know there are many still.  Thanks.  Here is the link:  Click Here

 

Username: demo

Password: demo

[[SOLVED] creating a hyperlink]

Maybe:

echo "<a href='pest.php?$row[id]'>$row['Name']</a>";

 

But I am not sure what you are asking.