Freelancers Network
 
skill list top cap
Homepage
Join the Freelancer's Network
Update your details
Find a freelancer
Post a project
Find a project
Projects Archive
Post a job
Find a job
Jobs Archive
See Dan's Pages
See Andy's Pages
Link to this site
Resources
Join/Leave Forum
Forum Messages
+Additions+ Adverts
Advertising
Contact Us
Subscribe to our newsletter - enter your email address and hit return
Freelancers.net is owned and operated by Andy Stowell and Dan Winchester
skill list end cap
guru web hostcom

Find me again on Freelancers.net

Freelancers Forum Messages on Sunday May 27th 2007

Re: FN-FORUM: PHP PostData security

date posted 27th May 2007 23:32

So am i right in thinking that a script like the one below would fix the problem?...

Re: FN-FORUM: PHP PostData security

date posted 27th May 2007 23:17

Alain, The informant may well be me! If so, James has demonstrated he has picked up a lot of what I mentioned but not quite pieced it together. That's not surprising given his age - and that I am hav...

Re: FN-FORUM: PHP PostData security

date posted 27th May 2007 22:48

Alain Williams wrote: > 1) GET forms, the form values are passed to the web server as part of the URL after a '?'. > You are recommended to use GET forms where the form is idempotent - ie always re...

Re: FN-FORUM: PHP PostData security

date posted 27th May 2007 22:45

> Errm: why would you want to do that ? How does that make your web site > more secure ? My guess would be that it doesn't allow data to be edited in between... but then again i'm failing to see wh...

Re: FN-FORUM: PHP PostData security

date posted 27th May 2007 22:43

From: "Anthony Cartmell" [EMAIL REMOVED] > > First of all does anyone know if this is really a risk and if so would > > the above solution have eliminated that risk? > URL injection attacks are a risk...

Re: FN-FORUM: PHP PostData security

date posted 27th May 2007 22:31

On Sun, May 27, 2007 at 08:13:26PM -0000, James Herrington wrote: > > Hi, > > I was informed recently of a security risk with post data submitted from > forms in PHP. I was told that if a message i...

Re: FN-FORUM: PHP PostData security

date posted 27th May 2007 22:25

I think its something to do with the fact that users can change post data whereas they cannot change session data. For example if the text is validated on the form and then posted the page the data...

RE: FN-FORUM: Doc Type

date posted 27th May 2007 22:08

Oh and the script errors are warnings not really errors, and mine has them too despite passing lol David J MacKillican http://www.djmwebservices.com your business open 24 hours -----Original Messa...

RE: FN-FORUM: Doc Type

date posted 27th May 2007 22:02

Hiya David Think I have this one dead easy, try doing; nnn You have this at 431and it passed the test, whereas what you have elsewhere, including what you have asked, does not. I...

Re: FN-FORUM: PHP PostData security

date posted 27th May 2007 21:52

> First of all does anyone know if this is really a risk and if so would > the above solution have eliminated that risk? Can't see how it would be. The only risk I can think of comes from displa...

Re: FN-FORUM: Doc Type

date posted 27th May 2007 21:50

David J MacKillican wrote: It would fail if there are any , XHTML is lower case throughout so > it must be and any mismatch in case will fail. > > And you are strict, change it to transitional and...

RE: FN-FORUM: Doc Type

date posted 27th May 2007 21:09

Keith wrote: > XHTML is case sensitive Furthermore, XHTML requires stricter mark-up rules: - Tag and attribute names to be in lower case - Attribute values must be enclosed in double quotes (")...

FN-FORUM: PayPal Manager Pro

date posted 27th May 2007 21:07

Hi Everyone, I was wondering if anyone had an experience with the PayPal Manager Pro API Commands and code? We are trying to build a site to take payments through PayPal Manager (https://manager.pa...

FN-FORUM: PHP PostData security

date posted 27th May 2007 21:04

Hi, I was informed recently of a security risk with post data submitted from forms in PHP. I was told that if a message is displayed asking the user to ressend data when the page is refreshed then...

RE: FN-FORUM: Doc Type

date posted 27th May 2007 21:00

Hiya [David J MacKillican] It would fail if there are any , XHTML is lower case throughout so it must be and any mismatch in case will fail. And you are strict, change it to transitional and most o...

Re: FN-FORUM: Doc Type

date posted 27th May 2007 20:46

[EMAIL REMOVED] wrote: > David Leedham Wrote: > > Hi > >> What's the URL? >> > > http://www.linkhomes2000.co.uk/trials/tryagain-index-2.php > > Must be a reason for all the errors but I don't...

RE: FN-FORUM: Doc Type

date posted 27th May 2007 20:41

David wrote: > What doc type should you use with JavaScript? I've some script in my > file and the html validator keeps telling me the opening script Tag > is not there, I know it is, I can see it....

Re: FN-FORUM: Doc Type

date posted 27th May 2007 20:39

David Leedham Wrote: Hi > What's the URL? http://www.linkhomes2000.co.uk/trials/tryagain-index-2.php Must be a reason for all the errors but I don't understand them? David G) ----------...

RE: FN-FORUM: Doc Type

date posted 27th May 2007 20:33

Hi What's the URL? -----Original Message----- From: [EMAIL REMOVED] [EMAIL REMOVED] On Behalf Of [EMAIL REMOVED] Sent: 27 May 2007 20:27 To: FN-FORUM / [EMAIL REMOVED] Subject: FN-FORUM: Doc Type...

FN-FORUM: Anyone using webERP?

date posted 27th May 2007 20:28

Hi folks, just wondering if anyone is using webERP? I've been asked to install it for a client to give them a chance to evaluate it, but despite all my best efforts I am not having much success, so t...

FN-FORUM: Doc Type

date posted 27th May 2007 20:18

Hi, What doc type should you use with JavaScript? I've some script in my file and the html validator keeps telling me the opening script Tag is not there, I know it is, I can see it. The validator...

RE: FN-FORUM: Site check please

date posted 27th May 2007 11:54

James Morning, just about to go and relax. Yes when the contact form went in (from my old version) I realised I failed that bit, as with the inline styles (that is the footer) which also came from t...

Re: FN-FORUM: Site check please

date posted 27th May 2007 11:42

> Since I am not a designer as those comments were not unexpected. > It was a rework rigidly to w3c standards, since my current contract has > very > rigid requirements for conformity, which must alw...

RE: FN-FORUM: Site check please

date posted 27th May 2007 11:06

David It is always a risk putting things up for others to look at, and it was not really unexpected. The main purpose was to have it run in different browsers and get feedback relating to that, sin...

Re: FN-FORUM: e-commerce website

date posted 27th May 2007 09:07

On 26 May 2007, at 8:39 pm, film film wrote: > > > Hi there, > > it may be difficult question i'll ask however i have to start from > somewhere. > > I need to set up a website based on subscription...

Re: FN-FORUM: Site check please

date posted 27th May 2007 00:47

Hi David, I've put site templates up and been destroyed. When you ask for a site evaluation. don't get upset if it comes back less than you expected, otherwise don't put it up there. I think that...

Messages by Day
May 31st 2007
May 30th 2007
May 29th 2007
May 28th 2007
May 27th 2007
May 26th 2007
May 25th 2007
May 24th 2007
May 23rd 2007
May 22nd 2007
May 21st 2007
May 20th 2007
May 19th 2007
May 18th 2007
May 17th 2007
May 16th 2007
May 15th 2007
May 14th 2007
May 13th 2007
May 12th 2007
May 11th 2007
May 10th 2007
May 9th 2007
May 8th 2007
May 7th 2007
May 6th 2007
May 5th 2007
May 4th 2007
May 3rd 2007
May 2nd 2007
May 1st 2007


Messages by Month
December 2007
November 2007
October 2007
September 2007
August 2007
July 2007
June 2007
May 2007
April 2007
March 2007
February 2007
January 2007


Messages by Year
2008
2007
2006
2005
2004
2003
2002
2001
2000