JAMESOMIGHTY Posted January 10, 2010 Posted January 10, 2010 this is what i have <?php $count = 3; $x = -1; while($x < $count) { $places_to_be_secured = array("ID","viewforum","viewtopic"); $x++; $_GET[$places_to_be_secured[$x]] = abs(@intval($_GET[$places_to_be_secured[$x]])); $_GET['ID'] = abs(@intval($_GET['ID'])); $_GET['viewforum'] = abs(@intval($_GET['viewforum'])); $_GET['viewtopic'] = abs(@intval($_GET['viewtopic'])); $_GET['reply'] = abs(@intval($_GET['reply'])); } Quote
Zeggy Posted January 10, 2010 Posted January 10, 2010 $places_to_be_secured = array('ID', 'viewforum', 'viewtopic', 'reply'); $limit = count($places_to_be_secured); for ($x = 0; $x < $limit; $x++) { $_GET[$places_to_be_secured[$x]] = abs(@intval($_GET[$places_to_be_secured[$x]])); } Fixed that for you. I can't comment on how secure it is. As far as I can tell, it's only useful if you need these fields to be positive integers. Quote
Magictallguy Posted January 11, 2010 Posted January 11, 2010 Don't rely on this to secure your header, it will do very little - it's more of a false sense of security. Whilst it does help with (very little) "securing" the GETDATA of ID, viewforum, viewtopic, and reply, it won't do much else. Stop looking for the short (lazy) way, and secure your code properly Quote
Zero-Affect Posted January 13, 2010 Posted January 13, 2010 a friend of mine used this method and it failed when he secured the actual script... was interesting but this is useless Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.