XML, Perl, Python, and other languages can be discussed here, even if it isn't PHP (We might forgive you).
Moderator: General Moderators
lc
Forum Contributor
Posts: 188 Joined: Tue Apr 23, 2002 6:45 pm
Location: Netherlands
Post
by lc » Fri May 17, 2002 10:42 pm
Hia folks
I was rather baffled I thought I had written some secure scripts but someone entered somethign in a GB I wrote that really messed it up.
I have no idea what that means or what it does. Can anyone explain it to me?
thx
lc
fatal
Forum Contributor
Posts: 118 Joined: Sat Apr 20, 2002 10:47 am
Location: East Coast
Post
by fatal » Fri May 17, 2002 11:55 pm
XML is really sensitive about tags, a tag must have a start and a end. Unlike HTML where you can have tags like <.hr>, and <.br>
lc
Forum Contributor
Posts: 188 Joined: Tue Apr 23, 2002 6:45 pm
Location: Netherlands
Post
by lc » Sat May 18, 2002 9:27 pm
Well see that doesn't really mean anything to me.
I have a script online where people can leave messages.. I use htmlentities to make html impossible basicly.
But I really don't get why this doesn't end up as <xmpt> as text made from <xmpt> but gets viewed as code. I'm rather baffled by it
jason
Site Admin
Posts: 1767 Joined: Thu Apr 18, 2002 3:14 pm
Location: Montreal, CA
Contact:
Post
by jason » Sat May 18, 2002 11:49 pm
I would use strip_tags() myself.
Also, do you allow people to edit their messages? And if so, do you error check on the edit?
lc
Forum Contributor
Posts: 188 Joined: Tue Apr 23, 2002 6:45 pm
Location: Netherlands
Post
by lc » Sun May 19, 2002 10:59 am
Thx Jason.. I'll do some tryouts with strip_tags.
In one of the scripts yes I do allow people to edit their own messages, and yup naturally the same checks that are used for the initial message are also used for an edit. Same bit of script actually... just with a couple if/elseif's
lc
Forum Contributor
Posts: 188 Joined: Tue Apr 23, 2002 6:45 pm
Location: Netherlands
Post
by lc » Sun May 19, 2002 11:45 am
Okie yup strip_tags isn't perfect either but at least it's secure. Thx
I'm using it now.
volka
DevNet Evangelist
Posts: 8391 Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger
Post
by volka » Fri May 24, 2002 8:25 pm
XMTP <-> eXtensible Mail Transport Protocol
but I've never seen a <xmpt>-tag