Posted by Justin Koivisto on 10/13/39 11:39
Justin Koivisto wrote:
> Justin Koivisto wrote:
>> When I get in to the office, I'll set up a simple little form for
>> testing this out again. However, the first tests I ran didn't work at
>> all. Maybe I'll post the URL of the test form for others to take a try
>> at. ;)
>
> OK, I worked on this a bit, and I have been able to spoof through this.
> I will release some details and proof of concept when I have some more
> time (maybe tomorrow).
Of course, I should re-state that this should be used only as a
first line of defense, and you should still be filtering input and
escaping output. (Output being anything that your script sends to another
source: writing to files, sending queries to databases, storing cookie
or session vars, etc.)
--
Justin Koivisto, ZCE - justin@koivi.com
http://koivi.com
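The "filter input, escape output" advice above, as an added example that is not part of the original post or the author's own code. It assumes a simple comment form with name, email and comment fields, and shows the same validated data being handed to four different sinks (HTML, database, log file, cookie), each with the escaping that particular destination needs. All function names and the sample payloads are made up for the example.

```php
<?php
declare(strict_types=1);

// Step 1: filter input. Whitelist type, length and format at the boundary.
// Note that no escaping happens here; escaping depends on the destination.
function filter_comment_input(array $raw): array
{
    $name = trim((string)($raw['name'] ?? ''));
    if ($name === '' || mb_strlen($name, 'UTF-8') > 64) {
        throw new InvalidArgumentException('name: empty or too long');
    }
    $email = filter_var((string)($raw['email'] ?? ''), FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        throw new InvalidArgumentException('email: not a valid address');
    }
    $comment = (string)($raw['comment'] ?? '');
    if (!mb_check_encoding($comment, 'UTF-8') || mb_strlen($comment, 'UTF-8') > 2000) {
        throw new InvalidArgumentException('comment: too long or not valid UTF-8');
    }
    return ['name' => $name, 'email' => $email, 'comment' => $comment];
}

// Sink 1: HTML page. Escape at render time so <script> in a name is shown, not run.
function render_comment_html(array $c): string
{
    $e = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<p><b>' . $e($c['name']) . '</b>: ' . $e($c['comment']) . '</p>';
}

// Sink 2: database. A parameterised query leaves quoting to the driver,
// so a quote or comment sequence in the body cannot change the statement.
function store_comment(PDO $db, array $c): void
{
    $stmt = $db->prepare(
        'INSERT INTO comments (name, email, body) VALUES (:name, :email, :body)'
    );
    $stmt->execute([
        ':name'  => $c['name'],
        ':email' => $c['email'],
        ':body'  => $c['comment'],
    ]);
}

// Sink 3: log file. One JSON object per line: CR/LF inside a field is encoded
// as \r\n, so user input cannot forge an extra log record.
function append_comment_log(string $path, array $c): void
{
    $line = json_encode($c, JSON_THROW_ON_ERROR | JSON_UNESCAPED_UNICODE) . "\n";
    file_put_contents($path, $line, FILE_APPEND | LOCK_EX);
}

// Sink 4: cookie. URL-encode the value so separators and control characters
// in the name cannot leak into the Set-Cookie header.
function remember_name(array $c): bool
{
    return setcookie('comment_name', rawurlencode($c['name']), [
        'expires'  => time() + 86400,
        'path'     => '/',
        'httponly' => true,
        'samesite' => 'Lax',
    ]);
}

// Constructed sample input standing in for $_POST (illustrative payloads only).
$raw = [
    'name'    => "Alice <script>alert(1)</script>",
    'email'   => 'alice@example.com',
    'comment' => "Nice form'; DROP TABLE comments; --\r\nSet-Cookie: admin=1",
];

$c  = filter_comment_input($raw);
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, name TEXT, email TEXT, body TEXT)');

store_comment($db, $c);
append_comment_log(sys_get_temp_dir() . '/comments.log', $c);
remember_name($c);

echo render_comment_html($c), "\n";
echo $db->query('SELECT COUNT(*) FROM comments')->fetchColumn(), " row(s) stored\n";
```

The point of keeping the raw (validated, but unescaped) value in `$c` is that each sink escapes for itself: HTML-escaping a value before it goes into the database would corrupt the log and the cookie, and would still not protect the SQL statement.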