473,408 Members | 1,854 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > php > questions > caution will nasty user input

Join Bytes to post your question to a community of 473,408 software developers and data experts.

Caution will nasty user input

I've received some input from the user's browser, checked it for unpleasant
stuff, and determined that it contains characters I'm not happy with. I'd
like to store it or email it to an administrator for inspection (so attack
types can be monitored and so on).

What steps should I take to ensure that the code that delivers the email or
writes to the log file doesn't get exploited by something which I know is
nasty? I thought of base64 encoding it, but that would render it unreadable
without a special viewer of some sort. Is there something I can do to
guarantee the string is harmless without obfusticating it too much?

--
The email address used to post is a spam pit. Contact me at
http://www.derekfountain.org : <a
href="http://www.derekfountain.org/">Derek Fountain</a>
Jul 17 '05 #1
1 1558
Derek Fountain wrote:
<snip>
What steps should I take to ensure that the code that delivers the email or writes to the log file doesn't get exploited by something which I know is nasty? I thought of base64 encoding it, but that would render it unreadable without a special viewer of some sort. Is there something I can do to
guarantee the string is harmless without obfusticating it too much?


htmlspecialchars() ?

--
<?php echo 'Just another PHP saint'; ?>
Email: rrjanbiah-at-Y!com Blog: http://rajeshanbiah.blogspot.com/

Jul 17 '05 #2
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

26
Nasty code...but please critique it anyway :-)
by: Michael Strorm | last post by:
Hi! I posted a message a while back asking for project suggestions, and decided to go with the idea of creating an adventure game (although it was never intended to be a 'proper' game, rather an...
C / C++
48
Adobe GoLive 6 - Nasty feature with UTF-8 encoding
by: Zenobia | last post by:
Recently I was editing a document in GoLive 6. I like GoLive because it has some nice features such as: * rewrite source code * check syntax * global search & replace (through several files at...
HTML / CSS
7
html table rules=all, css border:none Mozilla1.6- incl draws stillnasty interiour border
by: Marek Mänd | last post by:
When using <TABLE rules="all"> Mozilla 1.6 and previous versions draw a nasty interiour border, which doesnt go away though I have on TD's css border:none set. Is it something wrong with my...
HTML / CSS
87
Caution SONY Music CDs have trojan Malware
by: Sony Music CDs install Malware | last post by:
Whether you are a web surfer or a C++ developer, if you use Windows be cautioned about SONY music CDs. They contain 'viewer' type software that is actually a trojan horse for a "rootkit". The...
C / C++
1
Look at this critical update
by: Pierre Rivest | last post by:
C# / C Sharp
1
Nasty connection String error / encoding.ascii.getstring error
by: james | last post by:
I am creating an connection string at runtime using decryption (crypto libraries). i have a very unpridictable error while assinging the generated connection string to the connection property. ...
Visual Basic .NET
5
Onsubmit form validation will not run..
by: plumba | last post by:
Hi all I have a form (see below), which for some reason has decided to stop functioning all together. It just does not call up the function. It is called up in the opening <form> tag but...
Javascript
1
Constructing ASP in VS2005. One dropdownlist control will notcooperate
by: Brent White | last post by:
I can't figure out what I'm doing differently with this one drop-down list control from the other two that are working just fine. Background: I am constructing a page that will allow a user to...
ASP.NET
13
********Caution Newbie********editing and deleting from mysqldatabase
by: Baldaris | last post by:
Show.php--This is for showing movie names available in database <?php include "auth.php"; $query="SELECT movie_id,movie_name FROM moviesite"; $result=mysql_query($query,$link) or die("Can't...
PHP
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
1
Is that possible of reading the .csv file in column wise and the column have different lengths ?
by: Sonnysonu | last post by:
This is the data of csv file 1 2 3 1 2 3 1 2 3 1 2 3 2 3 2 3 3 the lengths should be different i have to store the data by column-wise with in the specific length. suppose the i have to...
C / C++
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
tracyyun
Discussion: How does Zigbee compare with other wireless protocols in smart home applications?
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
General
0
isladogs
Access Europe - Using VBA to create a class based on a table - Wed 1 May
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new...
Microsoft Access / VBA

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!