Re: PS Re: GUI designer in html [message #182453 is a reply to message #182439] Mon, 05 August 2013 00:59
Norman Peelman
On 08/04/2013 01:09 PM, J.O. Aho wrote:
> On 04/08/13 18:47, Twayne wrote:
>> On 2013-08-04 2:32 AM, Lightee wrote:
>>
>> I feel it's necessary to let you know that HTML forms are notoriously
>> famous for being hacked, cracked and used by miscreants for spamming
>> using your forms.
>
> It's not the HTML forms, but the scripts which are to handle the input
> which do not validate the content properly; no HTML WYSIWYG will make
> the script validate better, no matter how pretty the form looks.
>
>
>> The best way to alleviate those exposures is to learn PHP coding, IMO.
>> You may write your first page in HTML, and then use a second PHP page to
>> do all the testing of input data on the server-side where no one can see
>> it working nor can they easily get past a rotund random code and
>> sanitization and validation codes.
>
> Rule one, always validate user input, no matter if it's always your
> mother who does the input, one day she may just try to see what happens
> if she enters "'; drop database youdatabase; #" as input and as you
> never have a backup of the database, you lost everything.
>
>

That's only if you go out of your way to enable multiple statements
by using 'mysqli_multi_query()', which doesn't support prepared
statements. By default mysqli_query() and mysqli_real_query() do not
allow multiple queries separated by semi-colons.

http://us2.php.net/manual/en/mysqli.quickstart.multiple-statement.php


--
Norman
Registered Linux user #461062
-Have you been to www.php.net yet?-
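
The behaviour discussed in this post, as an added example that is not part of the thread: a concatenated query sent through `mysqli::query()` with a stacked-statement input, next to the same input bound through a prepared statement. The `DEMO_DB_*` environment variables, the `demo_users` table and the input string are assumptions constructed for the example, and it needs a reachable MySQL server.

```php
<?php
// Added example. Connection settings are assumptions read from the environment.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // raise exceptions on errors

$db = new mysqli(
    getenv('DEMO_DB_HOST') ?: '127.0.0.1',
    getenv('DEMO_DB_USER') ?: 'demo',
    getenv('DEMO_DB_PASS') ?: '',
    getenv('DEMO_DB_NAME') ?: 'demo'
);

// Hypothetical scratch table, visible only to this connection.
$db->query('CREATE TEMPORARY TABLE demo_users (
    id INT AUTO_INCREMENT PRIMARY KEY, name VARCHAR(64))');
$db->query("INSERT INTO demo_users (name) VALUES ('alice')");

// Constructed input, shaped like the string quoted in the thread.
$input = "'; DROP TABLE demo_users; #";

// 1) String concatenation sent with mysqli::query(). The connection was not
//    opened for multi-statements, so the server treats the text after the
//    first ';' as a syntax error and runs nothing.
try {
    $db->query("SELECT id FROM demo_users WHERE name = '" . $input . "'");
    echo "concatenated query: accepted\n";
} catch (mysqli_sql_exception $e) {
    echo "concatenated query: rejected, errno {$e->getCode()}\n";
}

// 2) Prepared statement: the input travels as a bound value, separate from
//    the SQL text, so it is only ever compared against the name column.
$stmt = $db->prepare('SELECT id FROM demo_users WHERE name = ?');
$stmt->bind_param('s', $input);
$stmt->execute();
$stmt->store_result();
echo "prepared statement: {$stmt->num_rows} matching rows\n";
$stmt->close();

// The scratch table and its row are still present after both attempts.
$count = $db->query('SELECT COUNT(*) FROM demo_users')->fetch_row()[0];
echo "rows left in demo_users: {$count}\n";
```

The single-statement limit in case 1 only stops the stacked form; the query text is still built from user input, which is why case 2 binds the value instead.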