Strider64
-
Posts
5 -
Joined
-
Last visited
Posts posted by Strider64
-
-
I use "HTML purifier" and find it really easy to use. It saves me a lot of headaches from not having to worry about is or isn't my code sanitized.
-
Tip - "Once you adopt this system, you want to change the URLs for the links (in the HTML) and the action attribute form of the search form".
It felt like I read this over a thousand times in the book and it just didn't seem to click, man do I feel stupid. Needless to say it pays to really really pay attention to the details. I try to keep things simple as possible when I coding, but I have in the past spent time fixing the stupidest mistakes sometimes, I once spent a whole day a long time ago trying to figure out why my code wouldn't work. The problem was instead of having <?php I just had <?. I sometimes tend to have a hard time explaining, that's probably why I put too much code and I have visited other boards where people put to little code. I guess I will eventually find a happy medium the next time. I got it working and thanks once again for all the help - the both of you.
-
Thanks for the help, but that wasn't it. I think I will move on and revisit this some other time, I also suspect I'll have no problems (I hope) doing this on the web server when the time comes. I now wish I would had built a linux base computer or made it a dual boot system. Once again thanks.
-
First, I've been pulling my hair trying to resolve this problem, I really would like to be able to have clean urls.
First I running on Windows 8 using XAMPP ( I now wish I was using Linux ).
I made sure that my .htaccess file does indeed start with a period
Here the .access file
# Script 2.7 - .htaccess<IfModule mod_rewrite.c> # Turn on the engine:RewriteEngine on # Set the base to this directory:RewriteBase /chapter02/ # Redirect certain paths to index.php:RewriteRule ^(about|contact|this|that|search)/?$ index.p </IfModule>
here's the bottom of my httpd.conf file
# AJP13 Proxy<IfModule mod_proxy.c><IfModule mod_proxy_ajp.c>Include "conf/extra/httpd-ajp.conf"</IfModule></IfModule><Directory "c:/xampp/htdocs/php_test/chapter02"> AllowOverride All</Directory>
and here's part of my config.inc.php file
// Determine location of files and the URL of the site:// Allow for development on different servers.if ($local) { // Always debug when running locally: $debug = TRUE; // Define the constants: define('BASE_URI', 'c:/xampp/htdocs/php_test/chapter02'); define('BASE_URL', 'http://localhost/php_test/chapter02/'); define('DB', '/path/to/mysql.inc.php'); } else { define('BASE_URI', '/path/to/live/html/folder/'); define('BASE_URL', 'http://www.example.com/'); define('DB', '/path/to/live/mysql.inc.php'); }
Like I said I've been pulling my hair out, stopping apache server, restarting it, modifying code, restarting (even rebooting my machine once). I even did a Google search trying various "fixes" and even this forum. Any help would be greatly appreciated.
I know it is probably something stupid that I'm doing.
Best Regards,
John
Chapter 9 - Login Script 9.11
in PHP Advanced and Object-Oriented Programming: Visual QuickPro Guide (3rd Edition)
Posted
Going through and making sure every thing is secure, I think I found a flaw.
There is no need for:
for it's redudant and poises a security issue - never trust $_SERVER
All you have to do is this:
I have been testing this thoroughly and it works