Jump to content

Search the Community

Showing results for tags 'utf8'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Welcome to PHP Freaks
    • Announcements
    • Introductions
  • PHP Coding
    • PHP Coding Help
    • Regex Help
    • Third Party Scripts
    • FAQ/Code Snippet Repository
  • SQL / Database
    • MySQL Help
    • PostgreSQL
    • Microsoft SQL - MSSQL
    • Other RDBMS and SQL dialects
  • Client Side
    • HTML Help
    • CSS Help
    • Javascript Help
    • Other
  • Applications and Frameworks
    • Applications
    • Frameworks
    • Other Libraries
  • Web Server Administration
    • PHP Installation and Configuration
    • Linux
    • Apache HTTP Server
    • Microsoft IIS
    • Other Web Server Software
  • Other
    • Application Design
    • Other Programming Languages
    • Editor Help (Dreamweaver, Zend, etc)
    • Website Critique
    • Beta Test Your Stuff!
  • Freelance, Contracts, Employment, etc.
    • Services Offered
    • Job Offerings
  • General Discussion
    • PHPFreaks.com Website Feedback
    • Miscellaneous

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Age


Donation Link

Found 3 results

  1. Hello, I need help in using split with utf8 string like below: <!DOCTYPE html><html><body><script>var numbers;var Emoj1 = '
  2. Hi everybody ! Am back with the never ending security issues, just that this time it has to do with the character set related security issues. I read the whole day on utf-8 and am still lost on certain aspects related to PHP security. Consider the simple script below: <?php //error_reporting(E_ALL & ~E_NOTICE); session_start(); if(isset($_POST['login'], $_POST['password'])) { $login = $_POST['login']; $password = $_POST['password']; if(!empty($login) && !empty($password)) { //echo "Ok"; echo "Welcome ". $login; echo "<br> You password is.$password "; } } ?> <html> <body> <form action="welcome2.php" method="post"> Name: <input type="text" name="login" /> Password: <input type="password" name="password" /> <input type="submit" name="submit"/> </form> </body> </html> It is not a login script, but assuming that it was one, I would like to know that if UTF-8 was the charset that was selected for this script, then : 1. how could it be exploited to pass a string that would effectively break thorugh this login. It would be great if someone can demonstrate the hack using the above script example. 2. Could the same be thwarted by the use of input filters? 3. I also read that the use of a regex to limit the use of special characters in passwords is not good . So in case the hack can be thwarted by the use of regex and that is a bad idea in the first place what should be done? There are a few more questions that are on my mind but I would only ask those once I am clear on these that I have just asked. Thanks all.
  3. Hello I have a PHP page that sends text entered by a user to our database which we use to display news. This system supports various languages but occasionally we get issues with odd characters being entered... For example, the premade glyph for ellipsis which is normally represented by 3 .'s broke our system today How can I check that each character is valid and within range? These are our character ranges ExtendedLatin_c_iLowerAlphaChar = 0x00C0; ExtendedLatin_c_iUpperAlphaChar = 0x01FF; Arabic_c_iLowerChar = 0x600; Arabic_c_iUpperChar = 0x6FF; Arabic_c_iLowerAlphaChar = 0x621; Arabic_c_iUpperAlphaChar = 0x64A; Arabic_c_iLowerNumericChar = 0x660; Arabic_c_iUpperNumericChar = 0x669; So each character must fall within one of these ranges... but I have no idea how to get the hex value of a character in PHP Thanks
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.