Hi, > > Hi, > > I am planning to use kses ( gpl ) for provide the needed filter related > > with some kinds of attacks protection. > > More information at sourceforge.net/projects/kses > > What does it implies? Adding a dependancy is a serious deal, and > unless it really makes a difference, it is not a good > thing. Especially when it is about a project still in beta stage, not > in debian.
Adding kses implies to add special functions to security.php . It is only a class , the functions will be in security.php and that functions will need to be called from the scripot that receives the variables. There is another way to protect variables, is using eregi , the method is this: we want to protect GET variables ( because we are using globals we need to set GET variables and POST variables ) , just use foreach to asign GET variables to $example. we will use $example with eregi to search for matching characters or entites and then making something if it matches. it is a basic filter. > > about /include: - needed to add a security-lib directory for store > > some files related with functions to be used in security.php > > Why? Unless you plan to add more than 30 functions, put them simply in > security.php. Ok. > > Please, first step: name the problems. Overcomplicating the code > without knowing why is not an option. Please, do not add new functions > without clear purpose. First locate issues. We will discuss on the > better way to fix the problems. But do not add plenty of function > while it is not clear we need them. > > > -- > Mathieu Roy > > +---------------------------------------------------------------------+ > | General Homepage: http://yeupou.coleumes.org/ | > | Computing Homepage: http://alberich.coleumes.org/ | > | Not a native english speaker: | > | http://stock.coleumes.org/doc.php?i=/misc-files/flawed-english | > +---------------------------------------------------------------------+ > >
