Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Hi I have a web form that sends a string to one php file which redirects them to a corresponding URL. I’ve searched about web form hacking and I’ve only received information about PHP and SQL… my site only uses a single PHP file, very basic etc. Would it be open to any exploits? I’m obviously not going to post the URL, but here is some code I was working on for the php file:
Newbie PHP coding problem: header function (maybe, I need someone to check my code)
Thanks
From that little snippet, I don’t see anything dangerous. “Hackers” can enter pretty much anything they want into
$_REQUEST['sport']and thereby$searchsport, but the only place you use it is to access your array. If it’s not found in your array…. nothing much will happen. I think you’re safe in this limited scenario 😉 Just be careful not to use$searchsportfor…… just about anything else. Echoing it, or inserting it into a DB is dangerous.