Do you have a question? Post it now! No Registration Necessary. Now with pictures!
January 31, 2005, 4:49 pm
rate this thread
which just display some straight html text.
Now if I access:
the page suddenly turns into a form that lets you edit the content of
the page. What are the security risks I need to be aware of when
programming such a page? How would a malicious visitor know that
index.php is editable AND know they have to type in
index.php?editable=1 to display the editable content?
Should I store the editable content in files with 777 permissions or
something less open?
Perl has taint mode and a lot of good regexes to extract only what you
want from user input. What are the similar things I should be using in
Thx for any help for this php newbie!