Search the Community
Showing results for tags 'utf8'.
-
Hello I have a PHP page that sends text entered by a user to our database which we use to display news. This system supports various languages but occasionally we get issues with odd characters being entered... For example, the premade glyph for ellipsis which is normally represented by 3 .'s broke our system today How can I check that each character is valid and within range? These are our character ranges ExtendedLatin_c_iLowerAlphaChar = 0x00C0; ExtendedLatin_c_iUpperAlphaChar = 0x01FF; Arabic_c_iLowerChar = 0x600; Arabic_c_iUpperChar = 0x6FF; Arabic_c_iLowerAlphaChar = 0x621; Arabic_c_iUpperAlphaChar = 0x64A; Arabic_c_iLowerNumericChar = 0x660; Arabic_c_iUpperNumericChar = 0x669; So each character must fall within one of these ranges... but I have no idea how to get the hex value of a character in PHP Thanks
-
Hi everybody ! Am back with the never ending security issues, just that this time it has to do with the character set related security issues. I read the whole day on utf-8 and am still lost on certain aspects related to PHP security. Consider the simple script below: <?php //error_reporting(E_ALL & ~E_NOTICE); session_start(); if(isset($_POST['login'], $_POST['password'])) { $login = $_POST['login']; $password = $_POST['password']; if(!empty($login) && !empty($password)) { //echo "Ok"; echo "Welcome ". $login; echo "<br> You password is.$password "; } } ?> <html> <body> <form action="welcome2.php" method="post"> Name: <input type="text" name="login" /> Password: <input type="password" name="password" /> <input type="submit" name="submit"/> </form> </body> </html> It is not a login script, but assuming that it was one, I would like to know that if UTF-8 was the charset that was selected for this script, then : 1. how could it be exploited to pass a string that would effectively break thorugh this login. It would be great if someone can demonstrate the hack using the above script example. 2. Could the same be thwarted by the use of input filters? 3. I also read that the use of a regex to limit the use of special characters in passwords is not good . So in case the hack can be thwarted by the use of regex and that is a bad idea in the first place what should be done? There are a few more questions that are on my mind but I would only ask those once I am clear on these that I have just asked. Thanks all.
-
I have a utf8 string and I'm trying to replace some of the utf8 charachters with equivalent "plain latin characters" in certain positions of the string. In this test i try to replace the first " î " character with " i ". I found that the position in the string for the utf8 chracter i like to replace is 2. So i excecute substr_replace but i get a strange result. Here is the code: $str="Thîs îs ã ütf8 strîng"; // try to replace the first " î " (position #2) $str = substr_replace($str, "i", 2, 1); // i get this "Thi�s îs ã ütf8 strîng Any ideas? Thanks in advance.
-
Hi all I have a very strange situation here... I try to make a string search for a term in utf-8. My search term is "Den lille fløyten" if i use this code: $string = "Den Lille Fløyten"; // The string to search $phrase = "Den lille fløyten"; // The term to search $phrase = preg_replace('/\s+/', '\s+', preg_quote($phrase)); $p = '/\b' . $phrase . '\b/ui'; $result = preg_match($p, $string); // This gives me true (1) everything is OK! But if i put my search term in an array (which i have to do...) and then try to do the search using this search term as an array element i always get false result: $SearchTerms=array('Høstnatt på Fjellskogen', 'Langt Innpå Skoga', 'Den lille fløyten', 'Sølv'); // my array with search terms $string = "Den Lille Fløyten"; // The string to search $phrase = $SearchTerms[2] // The term to search as part of an array $phrase = preg_replace('/\s+/', '\s+', preg_quote($phrase)); $p = '/\b' . $phrase . '\b/ui'; $result = preg_match($p, $string); // This gives me FALSE (0)!!!!!!! Any Ideas? Thanks in advance.
-
Hi! I have been searching on the web for solutions but for some reason it seems that I can't implement them. I am a rookie in PHP and perhaps the mistake has been under my nose all this time but I did not manage to see it... Here goes my contact form: <form method="post" action="kontakt.php"> <label>Namn *</label> <input name="name" placeholder="Type Here"> <label>Telefon *</label> <input name="telef" placeholder="Type Here"> <label>E-post *</label> <input name="email" type="email" placeholder="Type Here"> <label>Meddelandet</label> <textarea name="message" placeholder="Type Here"></textarea> <label>*Hur mycket är 2+2? (Anti-spam)</label> <input name="human" placeholder="Type Here"> <input id="submit" name="submit" type="submit" value="Submit"> <?php $name = $_POST['name']; $telef = $_POST['telef']; $email = $_POST['email']; $message = $_POST['message']; $from = 'Lounge Terrasse'; $to = 'kontakt@lfsolutions.se'; $subject = 'Lounge Terrasse - Ny meddelande'; $human = $_POST['human']; $headers = "MIME-Version: 1.0" . PHP_EOL; $headers .= "From: $from <$email> ". PHP_EOL; $headers .= "Content-type: text/html;charset=UTF-8 ". PHP_EOL; $body = "From: $name\n Telefon: $telef\n E-Mail: $email\n Message:\n $message"; if ($_POST['submit']) { if ($name != '' && $email != '' && $telef != '') { if ($human == '4') { if (mail ($to, $subject, $body, $from)) { echo '<p>Your message has been sent!</p>'; } else { echo '<p>Something went wrong, go back and try again!</p>'; } } else if ($_POST['submit'] && $human != '4') { echo '<p>You answered the anti-spam question incorrectly!</p>'; } } else { echo '<p>You need to fill in all required fields!!</p>'; } } ?> </form> So... any suggestions in order to implement correctly the utf8, since the e-mails are still coming with weird characters? Thanks in advance!!
-
- php
- contact-form
-
(and 1 more)
Tagged with: