user input question
Eric C
eric at newmag.org
Tue Apr 3 15:20:59 EDT 2007
Okay I see what you're saying. The user can add his
own queries in $hash and I'll be exacuting their query
along with mine. Do they need a space? I could add
this to the top of the script:
// Is there a ' ' in $hash?
if (preg_match("<\s>", $hash) > 0) {
echo " <p>That is not a correctly formed hash.
<b>Please try again.</b></p>
<a href=$linkback>Click here to return to the
main page.</a>";
require(XOOPS_ROOT_PATH.'/footer.php');
exit();
}
It will kick 'em out before anything else gets done.
What do you think?
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Discuss
mailing list