Page 1 of 1
PHP Security Validator Problem!!!!!!!!!!
Posted: Tue Apr 11, 2006 9:27 am
by dthompson3
I am currently developing a php security validator.
It has a similar gui format to the w3c html validator, except for it only has a direct input textarea, not a upload or url link and obviously used for php not html.
Problem...
How do i take the user's entered code in the text area, once a form button is pressed, to note the line numbers of the code,
and return the code into another textarea on another page, stating the line numbers somehow,
changing and highlighting any coding stating 'GET' to 'POST' instead,
and any coding stating '$_REQUEST' to change to '$_POST'.
Having a real problem with this, so any help would be majorly appreciated!
Regards and thanks for anyones time!
Posted: Tue Apr 11, 2006 9:43 am
by s.dot
You can achieve line counting I presume by counting the new line characters (\n)
You can change $_GET to $_POST or $_REQUEST to $_POST by using
preg_replace()
Posted: Tue Apr 11, 2006 10:01 am
by Oren
For the new lines use this code:
Code: Select all
$code = $_POST['code'];
$slashes = '\\\n';
if (!get_magic_quotes_gpc())
{
$slashes = '\\n';
}
$code = str_replace($slashes, '', $code);
$code = preg_replace('/(.)/i', '', $code);
$new_lines = strlen($code);
This code will work regardless to whatever magic_quotes_gpc is set to

Posted: Tue Apr 11, 2006 12:17 pm
by dthompson3
regards for the prior replies..
Any more coding tips or examples would help me further
with the rest of the problem..?
Posted: Tue Apr 11, 2006 1:51 pm
by jmut
dthompson3 wrote:regards for the prior replies..
Any more coding tips or examples would help me further
with the rest of the problem..?
if not a secret...can I ask what exactly are you going to validate, how do you plan the whole validator. is this an open source project?
Posted: Tue Apr 11, 2006 2:19 pm
by dthompson3
yep open source project..
taking the input of he textarea and turning it into a array - require code...
passing the array into another textarea on a different page - require code..
changing 'GET' text of the input and changing the command to 'POST'-reqiure code...
just starting off by changing common commands e.g.GET to a more efficient command 'POST' of scripts.
Regards..
Posted: Tue Apr 11, 2006 2:27 pm
by timvw
dthompson3 wrote:yep open source project..
Which?
dthompson3 wrote:
taking the input of he textarea and turning it into a array - require code...
passing the array into another textarea on a different page - require code..
changing 'GET' text of the input and changing the command to 'POST'-reqiure code...
http://www.php.net/explode
http://www.php.net/htmlentities
I don't really understand why POST is more "efficient" than GET? Afaik POST should be used when the site is expected to change and GET when it's expected to always recieve the same content.. (pretty relative in a dynamic website though)