We need it very necessary! The fact that PHP has no intelligence – it is not necessary. He just does what it says in the instructions. For example in the text is written to remove the forbidden sequences, he removes them, but do not check what it will end. When we say that the text should not be some characters (# #) we did a few times to check, and the script – one. And it's great! If we introduce # # # this script will truncate if : msg_start: script and it will cut. And if # : msg_start :#: msg_start: #? Not sure what's left? I know! Remain # # # and the script is not filter out as it is already filtered and now believes that fulfilled all that was required of him! Thanks to this body of writing that will be retained in a file that is intended for this to be violated and nobody will know, but when the user looks strange record everything and pops! We introduce a little more and get filthy guestbook, with a dusting of which the admin will be a very long time to suffer and, most importantly, in manual mode as due to a sequence of characters from the admin area it does not clean up. Still want to? Yes, easily! There is a special bar codes. Themselves asked for it – yes, we introduce *, more.

Garbage, too, will come out, and in some cases nothing at all will come out. Similarly to about username will say that there do nothing else. If something else wants to do is try for yourself. Now, for the administrators. If you do not want your guest book was attacked by so properly, replace the filter expressions on their codes, and whatever strangeness it may seem, more restrict users that they introduce. Believe me, it's not difficult, but as cool. And the more special characters you change in their codes the longer hold out your guestbook. In conclusion, I will provide data that must be integrated in all forms in order to be able to heartily laugh at the admin guestbook: Username: # # # Mail: / / By: * * * * * * * * * * * * * * Now everyone will see a message in which nothing, but still left him a man without a name. Ryabinin "stalker37" Alexander.

© 2011-2024 US-Brazil Business Opportunities All Rights Reserved