validation issue and question on cookie handling

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

m3rajk
DevNet Resident
Posts: 1191
Joined: Mon Jun 02, 2003 3:37 pm

Post by m3rajk »

i was thinking of that and mcrypt after once i get it working.. but should i use an encode to remove spaces first?
User avatar
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

Well the MD5 will have the side effect of also getting rid of the plus's and spaces....
m3rajk
DevNet Resident
Posts: 1191
Joined: Mon Jun 02, 2003 3:37 pm

Post by m3rajk »

ok. in that case i'm doing that to all cookies i create.. i think i'll also use mcrypts on usernames.

i'm still not sure how ot use that on passed information since part of the sign up, and something i want them to be able to manipulate later is a set of free answer questions... i guess to remove the special characters i have to do something like htmlspecialcharacters(unencode($passed_variable));


and then if i add a bb code later i'd parse it.. i'm going to create my own flavor bb code for the forums. i decided that a while back because i don't like how colors are done on a lot i've seen and i want something that will make sure my site's unique
User avatar
nielsene
DevNet Resident
Posts: 1834
Joined: Fri Aug 16, 2002 8:57 am
Location: Watertown, MA

Post by nielsene »

I don't think your app needs the mcrypt bit. At least not now. But the MD5 I was suggesting for the uniqid was NOT for tamper-resistant at this point, but as a way to create a "safe" code that won't have funny characters in it... You won't have to decode anything.
Post Reply