我有这个评论框和用户的每一个评论, 我得到了评论的内容, 并将其插入数据库。 但只要有某些破坏性用户进入或提醒( 哈罗世界 ) ; 。 它被检测到, 并造成网站的异常。 我如何防止这个问题? 或者如何忽略“ TEXT” 作为脚本的功能 。 谢谢!
You have to make sure that the data you output is interpreted as pure text instead of being parsed into code. This is commonly called "data sanitation" or "data sanitization".
You have all the clues in your question s comments. Summary:
I am trying to write a script to prevent brute-force login attempts in a website I m building. The logic goes something like this: User sends login information. Check if username and password is ...
<?php $con=mysql_connect("localhost","mts","mts"); if(!con) { die( unable to connect . mysql_error()); } mysql_select_db("mts",$con); /* date_default_timezone_set ("Asia/Calcutta"); $date = ...
I found this script online that creates a thumbnail out of a image but the thumbnail image is created with poor quality how can I improve the quality of the image. And is there a better way to create ...
如何确认来自正确来源的数字。
Most sites need some way to show the dates on the site in the users preferred timezone. Below are two lists that I found and then one method using the built in PHP DateTime class in PHP 5. I need ...
I wonder there is a way to post a message to a facebook business page with cURL? thanks
I want to create text as a watermark for an image. the water mark should have the following properties front: Impact color: white opacity: 31% Font style: regular, bold Bevel and Emboss size: 30 ...
How does php cast boolean variables? I was trying to save a boolean value to an array: $result["Users"]["is_login"] = true; but when I use debug the is_login value is blank. and when I do ...
