dunno if this belongs here

XML, Perl, Python, and other languages can be discussed here, even if it isn't PHP (We might forgive you).

Moderator: General Moderators

Post Reply
lc
Forum Contributor
Posts: 188
Joined: Tue Apr 23, 2002 6:45 pm
Location: Netherlands

dunno if this belongs here

Post by lc »

Hia folks

I was rather baffled I thought I had written some secure scripts but someone entered somethign in a GB I wrote that really messed it up.

Code: Select all

<xmpt><plaintext>
I have no idea what that means or what it does. Can anyone explain it to me?

thx
lc
User avatar
fatal
Forum Contributor
Posts: 118
Joined: Sat Apr 20, 2002 10:47 am
Location: East Coast

Post by fatal »

XML is really sensitive about tags, a tag must have a start and a end. Unlike HTML where you can have tags like <.hr>, and <.br>
lc
Forum Contributor
Posts: 188
Joined: Tue Apr 23, 2002 6:45 pm
Location: Netherlands

Post by lc »

Well see that doesn't really mean anything to me.

I have a script online where people can leave messages.. I use htmlentities to make html impossible basicly.

But I really don't get why this doesn't end up as <xmpt> as text made from <xmpt> but gets viewed as code. I'm rather baffled by it ;)
jason
Site Admin
Posts: 1767
Joined: Thu Apr 18, 2002 3:14 pm
Location: Montreal, CA
Contact:

Post by jason »

I would use strip_tags() myself.

Also, do you allow people to edit their messages? And if so, do you error check on the edit?
lc
Forum Contributor
Posts: 188
Joined: Tue Apr 23, 2002 6:45 pm
Location: Netherlands

Post by lc »

Thx Jason.. I'll do some tryouts with strip_tags.

In one of the scripts yes I do allow people to edit their own messages, and yup naturally the same checks that are used for the initial message are also used for an edit. Same bit of script actually... just with a couple if/elseif's
lc
Forum Contributor
Posts: 188
Joined: Tue Apr 23, 2002 6:45 pm
Location: Netherlands

Post by lc »

Okie yup strip_tags isn't perfect either but at least it's secure. Thx ;) I'm using it now.
User avatar
volka
DevNet Evangelist
Posts: 8391
Joined: Tue May 07, 2002 9:48 am
Location: Berlin, ger

Post by volka »

XMTP <-> eXtensible Mail Transport Protocol
but I've never seen a <xmpt>-tag 8O
Post Reply