PHP Page includes..

Page 3 of 3
01-12-2006, 09:08 PM
#21
Dray

If you use Ajax you don't even have to use index.php?blah=blah, nor do you have to reload the page... but it is much less safe...

Oh and didn't you say you didn't want to use stuff like index.php?blah=blah in your first post or something??

01-12-2006, 10:03 PM
#22
blindchild02

Originally Posted by Dray:
If you use Ajax you don't even have to use index.php?blah=blah, nor do you have to reload the page... but it is much less safe...

Oh and didn't you say you didn't want to use stuff like index.php?blah=blah in your first post or something??

Yes, because I was told it was unsafe and easy to hack?

01-12-2006, 10:29 PM
#23
Nirvana-

It's not necessarily unsafe.
If you use the switch statement, the first way I showed, it would be the safest, because you are defining the allowed variables.
You would be better off using that method.

01-12-2006, 10:51 PM
#24
sketchie

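Just make sure you do the necessary safety checks with GET variables (URL variables).

For instance, if it's used for a page number, use this:
PHP Code:
<?php
// $_GET values always arrive as strings, so is_int() would never be true here.
// FILTER_VALIDATE_INT returns the integer, or false if the value is not one.
$id = filter_var($_GET['id'] ?? null, FILTER_VALIDATE_INT);
if ($id !== false)
{
    // Do stuff here
}
else
{
    echo "Page Number was Invalid.";
}
?>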
It will test that it's an integer, making sure no one's edited it with other things...

Use switch cases also.

If you're working alongside MySQL and using the data from the URL variables, make sure you use addslashes() and/or htmlspecialchars(), to help prevent them submitting dangerous info.
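
The switch/allowlist approach and the page-number check discussed in the posts above, combined into one request handler. This is an added example, not code from any poster in this thread; the page names, file paths and the resolve_request() function are hypothetical.

```php
<?php
// Added example: allowlist routing for index.php?page=...&id=...
// Page names, file paths and resolve_request() are hypothetical.
const PAGES = [
    'home'    => 'pages/home.php',
    'news'    => 'pages/news.php',
    'contact' => 'pages/contact.php',
];

/** Returns ['file' => string, 'id' => int], or null if the request is rejected. */
function resolve_request(array $query): ?array
{
    $page = $query['page'] ?? 'home';
    // The request only selects a key; the path itself always comes from PAGES.
    // is_string() rejects array input such as ?page[]=news.
    if (!is_string($page) || !array_key_exists($page, PAGES)) {
        return null;
    }

    // Query values arrive as strings, so validate with FILTER_VALIDATE_INT
    // instead of is_int(). Anything that is not a whole number >= 1 is rejected.
    $id = filter_var($query['id'] ?? '1', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null;
    }

    return ['file' => PAGES[$page], 'id' => $id];
}

// Constructed sample requests (stand-ins for $_GET) so this runs from the CLI.
$samples = [
    ['page' => 'news', 'id' => '3'],
    [],
    ['page' => '../config'],
    ['page' => ['news']],
    ['page' => 'news', 'id' => '3abc'],
    ['page' => 'news', 'id' => '-2'],
];

foreach ($samples as $q) {
    $r = resolve_request($q);
    // A real index.php would do: include __DIR__ . '/' . $r['file'];
    echo json_encode($q, JSON_UNESCAPED_SLASHES), ' => ',
        $r ? "include {$r['file']} (id {$r['id']})" : '404 Not Found', PHP_EOL;
}
```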

01-13-2006, 12:19 AM
#25
Dray

Originally Posted by blindchild02:
Yes, because I was told it was unsafe and easy to hack?

The only problem with it is that certain people know how to intercept the stuff that AJAX sends/receives to/from the server and edit it, which will change the output...

There are of course precautions that you can take to be safe from this, but I don't know any as I am not an AJAX expert. Anyway, if you want, contact me on MSN and I'll help you out with this.
