On 6/1/2011 5:10 PM, tedd wrote:
I'm sure this doesn't really NEED to be said - but just in case you're not aware, be careful here that you filter requests before you do anything with a get/post variable ;-)At 4:05 PM -0400 5/31/11, David Roth wrote:Hi Tedd.Thanks for your e-mail.That's returning a graphic and I was looking to get a return of text so the Javascript could make use of it. Unless I overlooked something in your example?Best regards, David
especially if you - access a database, a file or any server resource.so lets say you are feeding the ahah call a number and you want that image# $var.jpg you can do this safely only if you make sure that the var is a number and is within the expected range
hope that adds a tiny intro in case somehow someone someplace isn't aware of this. :-)
<<attachment: dan_horning.vcf>>
_______________________________________________ New York PHP Users Group Community Talk Mailing List http://lists.nyphp.org/mailman/listinfo/talk http://www.nyphp.org/Show-Participation
