Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.
Hi,
I got an application word for a word (PHP) on my home system and on my remote forum server but on the remote I can post 3 posts and then it prohibits me from further posting while on my home system I can post as many posts I can.
Is the input controlled by the server provider (why should be) or is it my implementation somewhere(!?) that I need to figure out?
Thanks,
George
Well, I developed the application myself. It is a forum implementation and it works fine on my machine (of course) at home but I am having problems to run it on a provider's system. At home it runs on CentOS fine and it takes every input but on my provider's it refuses to accept input after 3 or so entries!?
Thanks,
George
I'm going to take a guess and say the server you're using online has a web application firewall installed on it, and that's stopping what it thinks is a spam/DoS attack.
Obviously that's a total guess because there's very little to go on.
I was told by the provider that they do not firewall anything. I will have to organize the code since I use function calls and so the code is elsewhere before I can post it.
I think I found the problem. It is the special characters that create the conflict. They work at some instance but not at other instance so I need to figure out where I got the implementation incomplete to take care of this issue.
You can see some of the issues at http://www.myforestspace.net.
Thanks,
George
So, what you are saying is that as long I will type it in within the page I should have no problems but once I send it in from a different source like the UTF-8 then I will have problems showing the right text?
I pasted the text from OpenOffice word processor and that caused same problems.
Thanks,
George
I'm dealing with a problem right now that sounds very similar to yours. I just recently found the error though, the database was saving everything in iso-8859-1 format, but I was trying to display it as cp850 (and then I tried utf-8, then windows-1251, then on and on, ugh). Long story short: make sure the charsets are the same on _all_ pages AND the database.