Page 2 of 2

Posted: Tue Feb 27, 2007 3:27 am
by Maugrim_The_Reaper
I'm pretty sure he was referring to an array based Front Controller - if the GET value does not match a listed page then the user would be shown an error. In the absence of a specific format that would work. Might still be useful to check what you intend allowing in the GET value - will it be alphanumeric only? Then you can check its valid quickly using ctype_alnum(), for example.

Posted: Tue Feb 27, 2007 5:44 am
by Mordred
arborint wrote:
The Ninja Space Goat wrote:yea it's awesome_magical_super_wonder_function() :lol:
That has been depricated ... use:

awesome_magical_real_super_wonder_function([mixed $pixiedust])
Mixed pixiedust, LOL!
Ever since the magic_quotes fiasco, one would imagine PHP designers should have learned, eh :)
anyone got any pieces of code which i can try and inject into my site?
Unfortunately (?) this forum's policy doesn't allow us to discuss penetration tactics, but if you show some code, then we can discuss concrete problems with it.

Posted: Tue Feb 27, 2007 1:45 pm
by Christopher
Mordred wrote:Ever since the magic_quotes fiasco, one would imagine PHP designers should have learned, eh :)
Why PHP does not have Request, Response, Filterchain and Validator classes in SPL after all this time is beyond me (they must be busy working on RecursiveSeekableCachingDirectoryRegexpIteratorIterator :crazy:). Although looking at the learning curve going on with those classes in the Zend Framework and things like the new filter extension ... perhaps it is a good thing that is has not been implement yet! ;)

Posted: Tue Feb 27, 2007 3:42 pm
by feyd
The SPL has gone beyond the realm of useful for myself to the realm of bulky and wasteful. It's a shame, I had high hopes.