Page 2 of 2
Posted: Fri Jun 30, 2006 1:01 am
by AshrakTheWhite
also make sure your htmlspecialchars and mysql_real_escape_string all your input areas!
and use post for sending all the player type in stuff not get
- Ashrak
Posted: Fri Jun 30, 2006 10:17 am
by houston
Thanks for the valuable input, I'll work on sealing these security holes you've brought up
after that comes some minor tweaking to the graphics - I noticed a line in my header where the video starts on the black Rx and I've got some other color consistency things to work out. As well as adding a standard email link to the contact page and then finally validating the whole thing. I'm getting close and closer
1 more question while I'm at it - w3c is rejecting the EMBED tag I've used to include my flash header in the site. Since EMBED isn't a validating tag I need to find an alternate way of including the swf. What's my best option?
Posted: Fri Jun 30, 2006 10:20 am
by Luke
http://www.w3schools.com/flash/flash_inhtml.asp
w3schools is a GREAT place to find stuff like that. They always know what to use when things are depricated.

Posted: Sat Jul 01, 2006 11:35 am
by houston
contact page's email form has been renovated
Posted: Sat Jul 01, 2006 5:00 pm
by Roja
Except that the page you linked to recommends the embed tag, which is deprecated.
The alternative is to use object.
Code: Select all
<object
type="application/x-shockwave-flash"
data="http://www.macromedia.com/shockwave/download/triggerpages/flash.swf"
width="300"
height="120">
<param
name="movie"
value="http://www.macromedia.com/shockwave/download/triggerpages/flash.swf" />
</object>
Posted: Sat Jul 01, 2006 9:04 pm
by houston
thanks for the snippet
