woobarb Posted April 27, 2008 Share Posted April 27, 2008 Hi, i'm just testing and was wondering if there anything along these lines to look out for? $s = "<br><br><b>BOLD</b><script>alert('hello');</script><br><hr><?php echo 'im here'; ?>"; $s = bin2hex($s); $s = strrev(chunk_split(strrev($s), 2, "%")); print "converted: ".$s."<br><br>\n"; print "<a href='?cmd=".$s."'>link</a><br>\n"; if(isset($_GET['cmd'])) { //print "cmd: ".htmlspecialchars($_GET['cmd'])."<br><br>"; print "cmd: ".$_GET['cmd']."<br><br>\n"; } You know, if any other sort of encoding will get passed, or is it converted back to normal by the server before being passed onto php? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.