 |
 |
Find a programming school near you
php3-list | 199908
Date: 08/03/99
- Next message: Chuck Hagenbuch: "[PHP3] Re: [PHP-DEV] mail and fsockopen"
- Previous message: Rasmus Lerdorf: "Re: [PHP3] segmentation fault"
- Next in thread: Rasmus Lerdorf: "Re: [PHP3] secure variables...stripping $,~,*"
- Reply: Rasmus Lerdorf: "Re: [PHP3] secure variables...stripping $,~,*"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
How important is it to check all of my php form variables for special
characters that could be used to run a php script or do damage? Should I
check every variable including hidden vars for chars like these:
$ ~ * . ( ) { } [ ] / \ .
Is there an easy way to do this checking .... a function like
htmlspecialchars() maybe??
I use <?SecureVar("variablename")> in php/fi to defeat GET method hacks but
I'm not sure if this is enough protection.
Thanks
John Hill
john_hill <email protected>
-- PHP 3 Mailing List <http://www.php.net/> To unsubscribe, send an empty message to php3-unsubscribe <email protected> To subscribe to the digest, e-mail: php3-digest-subscribe <email protected> To search the mailing list archive, go to: http://www.php.net/mailsearch.php3 To contact the list administrators, e-mail: php-list-admin <email protected>
- Next message: Chuck Hagenbuch: "[PHP3] Re: [PHP-DEV] mail and fsockopen"
- Previous message: Rasmus Lerdorf: "Re: [PHP3] segmentation fault"
- Next in thread: Rasmus Lerdorf: "Re: [PHP3] secure variables...stripping $,~,*"
- Reply: Rasmus Lerdorf: "Re: [PHP3] secure variables...stripping $,~,*"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
