I assume you mean the site design and layout (as opposed to the application design).

I actually think it's alright. It could be better, but it reads like a newspaper which I imagine is the intention.

I think the ads down the right only cause confusion and are a little overwhelming.

I don't know. It covers a LOT on this single page. Take a look at Yahoo and how they have elegantly separated information. I would consider using some Ajax. Again, try to follow Yahoo a little.

You've been hacked by cross site scripting, use better filters on user input.

strip_tags($input); to start

It's always best to get some regex on those things and limit the amount of text that can be entered.

 


I wouldn't recommend strip_tags for preventing XSS, but htmlentities as you output the string. Also regex isn't needed for checking string length (unless you wish to go by whole words), strlen should be fine.

As for your website vins, it's too much. I have no idea what the site is for or what all those links are. You're just chucking a load of information on a page and expecting people to get it.


Depends on what you want to filter. If you want users to be able to input special characters then htmlspeicalentities() is good, but if it's something like $_GET['desired_page'], then I would just use striptags. Also, strlen is good for length, but I meant use regex to validate the type of input, e.g. numbers, name, email address, not just to limit length.
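
An added example, not code from any poster in this thread: the approach discussed above in PHP, validating input by type and encoding at output time. The function names, the page-name pattern, the 500-byte limit and the sample strings are assumptions, and htmlspecialchars() stands in for htmlentities() since both encode the HTML-significant characters.

```php
<?php
declare(strict_types=1);

// Input side: validate by type with an allow-list pattern.
// Hypothetical rule for a page name: letters, digits, _ and -, 1 to 32 chars.
function valid_page(string $page): bool
{
    return preg_match('/\A[A-Za-z0-9_-]{1,32}\z/', $page) === 1;
}

function valid_email(string $email): bool
{
    return filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
}

// A length limit needs no regex; strlen() counts bytes, not characters.
function within_length(string $text, int $maxBytes): bool
{
    return strlen($text) <= $maxBytes;
}

// Output side: encode for HTML text and quoted attribute values.
function e(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample comment (not taken from the thread).
$comment = 'Nice site! "quoted" & <b>bold</b>, it\'s busy';

// strip_tags() drops the <b> markup but leaves the quotes and the ampersand
// unencoded, so its result is still not safe inside an attribute value.
echo 'strip_tags: ', strip_tags($comment), PHP_EOL;

// Encoding at output keeps the text intact and renders it inert.
echo 'encoded:    ', e($comment), PHP_EOL;

// Constructed page-name candidates for the allow-list check.
foreach (['contact', 'contact<b>', str_repeat('a', 40)] as $page) {
    echo e($page), ' => ', valid_page($page) ? 'accepted' : 'rejected', PHP_EOL;
}

var_dump(valid_email('user@example.com'), within_length($comment, 500));
```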