FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » Check if $_GET contains something other than what's allowed
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
Re: Check if $_GET contains something other than what's allowed [message #183822 is a reply to message #183820] Thu, 21 November 2013 21:48 Go to previous messageGo to previous message
Thomas 'PointedEars'  is currently offline  Thomas 'PointedEars'
Messages: 701
Registered: October 2010
Karma:
Senior Member
Jason C wrote:

> I have a script that's constantly under attack by hackers submitting odd

s/hackers/crackers/

Rule of thumb: Hackers build, crackers (attempt to) destroy.

> queries. My script is tight enough that it's not been a problem, but
> still, it's annoying.
>
> Just for the sake of peace of mind, how can I check for any $_GET key
> that's not allowed (in which case I can kill the script from the
> beginning)?

<http://php.net/isset>
<http://php.net/array_key_exists>

However, your problem more likely is having register_globals=on when it
should be off; not validating user input, inviting SQL injection; aso.

<https://owasp.org/>


PointedEars
--
Prototype.js was written by people who don't know javascript for people
who don't know javascript. People who don't know javascript are not
the best source of advice on designing systems that use javascript.
-- Richard Cornford, cljs, <f806at$ail$1$8300dec7(at)news(dot)demon(dot)co(dot)uk>
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: finding newlines
Next Topic: video sharing website
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Thu Nov 28 03:00:34 GMT 2024

Total time taken to generate the page: 0.05495 seconds