JAMESOMIGHTY Posted January 10, 2010 Share Posted January 10, 2010 this is what i have <?php $count = 3; $x = -1; while($x < $count) { $places_to_be_secured = array("ID","viewforum","viewtopic"); $x++; $_GET[$places_to_be_secured[$x]] = abs(@intval($_GET[$places_to_be_secured[$x]])); $_GET['ID'] = abs(@intval($_GET['ID'])); $_GET['viewforum'] = abs(@intval($_GET['viewforum'])); $_GET['viewtopic'] = abs(@intval($_GET['viewtopic'])); $_GET['reply'] = abs(@intval($_GET['reply'])); } Quote Link to comment Share on other sites More sharing options...
Zeggy Posted January 10, 2010 Share Posted January 10, 2010 $places_to_be_secured = array('ID', 'viewforum', 'viewtopic', 'reply'); $limit = count($places_to_be_secured); for ($x = 0; $x < $limit; $x++) { $_GET[$places_to_be_secured[$x]] = abs(@intval($_GET[$places_to_be_secured[$x]])); } Fixed that for you. I can't comment on how secure it is. As far as I can tell, it's only useful if you need these fields to be positive integers. Quote Link to comment Share on other sites More sharing options...
Magictallguy Posted January 11, 2010 Share Posted January 11, 2010 Don't rely on this to secure your header, it will do very little - it's more of a false sense of security. Whilst it does help with (very little) "securing" the GETDATA of ID, viewforum, viewtopic, and reply, it won't do much else. Stop looking for the short (lazy) way, and secure your code properly Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted January 13, 2010 Share Posted January 13, 2010 a friend of mine used this method and it failed when he secured the actual script... was interesting but this is useless Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.