FUDforum
Fast Uncompromising Discussions. FUDforum will get your users talking.

Home » Imported messages » comp.lang.php » BB type posting - is this secure?
Show: Today's Messages :: Polls :: Message Navigator
Return to the default flat view Create a new topic Submit Reply
BB type posting - is this secure? [message #176383] Thu, 29 December 2011 22:45 Go to previous message
Michael Joel is currently offline  Michael Joel
Messages: 42
Registered: October 2011
Karma:
Member
I am allowing posts to the page and wanted to see if this is secure.

data from sql is placed in an array (say $MyArray):

$MyArray["Post"] = nl2br(stripslashes($MyArray["Post"]));

$MyArray["Post"] = strip_tags($MyArray["Post"], "<BR>");


I notice with this text like <script>alert("hi");</script> is rendered
as literal so no script is actually recognised.

So is this gooed enough or is there something else I need to do?

Mike
[Message index]
 
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Read Message
Previous Topic: Help with script that retrieve remote files
Next Topic: Give me the names of some CRM php projects
Goto Forum:
  

-=] Back to Top [=-
[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Fri Nov 22 21:38:47 GMT 2024

Total time taken to generate the page: 0.04330 seconds