Joco Posted October 29, 2008 Share Posted October 29, 2008 Can someone help fix this so that its not able to be attacked by by XSS attacks My site got hacked using this a few months but I'd like to still use this or something like this that works the same so I dont get hacked. <?php if (!isset($_GET["link"])) include 'main.php'; else if(is_file($_GET["link"] . ".php") && $_GET["link"] !="index" ) include htmlspecialchars($_GET["link"] . ".php"); else include 'error.php'; ?> Link to comment https://forums.phpfreaks.com/topic/130586-need-help-fixxing-this/ Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.