Geoff,

You may want to look into html_entity_decode() <http://us2.php.net/manual/en/function.html-entity-decode.php> or url_decode() <http://us2.php.net/manual/en/function.urldecode.php> to see if they'll help.

Best regards,
Jim at iDimensionz.com -- http://www.iDimensionz.com
Professional web site design and affordable web site hosting.

Geoff Lane wrote:
> Hi All,
>
> One of my sites has been subjected to injection attacks recently. I've
> done what I can for the moment and searching for "TO:" and "CC:" in
> the user input foils most attempts. However, some attempts are getting
> a little too close for comfort. These attacks are not succeeding - but
> only because of a side effect of some unrelated cleaning that my
> script performs before calling the mail() function.
>
> The problem seems to be that the attacker is encoding some or all of
> their input as hex, which the PHP interpreter is happily decoding and
> then acting upon. For example, an attacker might inject a BCC: field
> by encoding it as %62%63%63%3A.
>
> Is there a PHP function to decode inline hex, for example to decode
> the above example to "bcc:" ?
>
> TIA,
>
> --
> Geoff Lane
> Cornwall, UK
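Added example (not code from Jim or Geoff): a defensive filter that applies the two functions named in the reply before inspecting user input destined for mail() headers. It decodes repeatedly so that percent-encoded, HTML-entity-encoded and double-encoded forms of "bcc:" all collapse to the same plain text, then rejects the value if it contains a line break (the real prerequisite for smuggling an extra header) or one of the header keywords the thread is filtering on. The function names normalize_header_input and looks_like_header_injection, the bound of three decoding rounds and the sample strings are my own assumptions; the code assumes PHP 7 or later. Note that PHP already percent-decodes the query string and form body once when it fills $_GET and $_POST, which is why "%62%63%63%3A" arrives in the script as "bcc:"; the loop below covers the case where the attacker encodes it one more time.

```php
<?php
// Added example, not from the thread. Normalize attacker-controlled input the
// way it may have been encoded, then refuse to hand it to mail() if it could
// smuggle extra headers such as "Bcc:".

/**
 * Decode percent-encoding and HTML entities repeatedly (bounded) so that
 * "%62%63%63%3A", "&#98;cc:" and a doubly encoded "%2562%2563%2563%253A"
 * all become "bcc:" before we inspect them. Stops early once a round
 * changes nothing. (Bound of 3 rounds is an assumption, not a PHP default.)
 */
function normalize_header_input(string $value, int $maxRounds = 3): string
{
    for ($i = 0; $i < $maxRounds; $i++) {
        $decoded = html_entity_decode(urldecode($value), ENT_QUOTES | ENT_HTML5, 'UTF-8');
        if ($decoded === $value) {
            break; // fixed point reached: nothing left to decode
        }
        $value = $decoded;
    }
    return $value;
}

/**
 * True if the value could inject mail headers. Any CR or LF is rejected
 * outright, because a new header can only start on a new line; the keyword
 * check additionally catches the "TO:/CC:/BCC:" payloads the thread describes.
 */
function looks_like_header_injection(string $value): bool
{
    $plain = normalize_header_input($value);

    if (preg_match('/[\r\n]/', $plain)) {
        return true;
    }

    return (bool) preg_match('/\b(to|cc|bcc|content-type|mime-version)\s*:/i', $plain);
}

// Constructed sample inputs (not real traffic) exercising each encoding.
$samples = [
    'Geoff Lane'                         => false, // harmless name
    '%62%63%63%3A victim@example.com'    => true,  // percent-encoded "bcc:"
    '&#98;cc: victim@example.com'        => true,  // HTML-entity-encoded "bcc:"
    '%2562%2563%2563%253A victim@example.com' => true, // double-encoded "bcc:"
    "Geoff%0ABcc: victim@example.com"    => true,  // encoded line break + header
];

foreach ($samples as $input => $expected) {
    $verdict = looks_like_header_injection($input);
    printf("%-45s => %s%s\n", $input, $verdict ? 'REJECT' : 'ok',
        $verdict === $expected ? '' : '  (unexpected)');
}
```

Two things to keep in mind when using this: urldecode() also turns "+" into a space, so run the check on a copy and keep the original for display if that matters; and if a field is only ever meant to hold a single-line value such as a name or e-mail address, rejecting anything that decodes to contain CR or LF is the check that actually closes the hole, while the keyword match is belt and braces.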
