MyBB Community Forums

Full Version: XSS/Bots attacks
Hello!

How to prevent XSS/Bots attacks?

Please help!

Thank you!
XSS? Just don't allow HTML input.

As for bots, use a captcha.
For XSS, can you show a piece of code?

But I had bot attacks on my site, and they were just coming on the site, not spamming or anything.

Thanks!
XSS Prevention:

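// Read the submitted value (empty string if the field is missing)
$str = $_POST['input'] ?? '';

// Encode &, <, >, " and ' so the value is displayed as text, not parsed as HTML
$str = htmlspecialchars($str, ENT_QUOTES, 'UTF-8');

echo $str;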

Depending on what type of bots they are, reCAPTCHA is a good solution.
(2011-10-22, 02:39 PM) Malcolm. Wrote:
XSS Prevention:

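// Read the submitted value (empty string if the field is missing)
$str = $_POST['input'] ?? '';

// Encode &, <, >, " and ' so the value is displayed as text, not parsed as HTML
$str = htmlspecialchars($str, ENT_QUOTES, 'UTF-8');

echo $str;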

Depending on what type of bots they are, reCAPTCHA is a good solution.

Thank you!
MyBB has a function that you should use.

htmlspecialchars_uni()

So you'd use this:

$str = htmlspecialchars_uni($str);
(2011-10-22, 08:58 PM) labrocca Wrote:
MyBB has a function that you should use.

htmlspecialchars_uni()

So you'd use this:

$str = htmlspecialchars_uni($str);

OP didn't specify if he wanted to apply it to a MyBB forum or not; hence why I didn't reference that function.

Nonetheless OP, htmlspecialchars_uni() would be your best solution if you are.
Easy enough to grab the official MyBB function for your own use though.
What's the advantage over using MyBB's function? (Not trying to be an lime, I'm genuinely interested.)
(2011-10-23, 12:16 AM) pyridine Wrote:
What's the advantage over using MyBB's function? (Not trying to be an lime, I'm genuinely interested.)

MyBB's function allows unicode.

E.g. using U+00E9 for é.

(At least that's what I gathered by the comments)
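
The difference discussed in the last few posts, as an added example that is not code from the thread or from MyBB. Both function names are hypothetical, and the second one only mimics the behaviour described above (numeric entities such as &#233; survive escaping); it is not MyBB's implementation of htmlspecialchars_uni().

```php
<?php
// Added illustration; helper names are hypothetical, not MyBB's API.

// Plain output escaping for HTML text and quoted-attribute contexts.
function escape_html(string $s): string
{
    // ENT_QUOTES also encodes ' (the default flags only do so since PHP 8.1).
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Same escaping, but decimal numeric references the user typed (e.g. &#233;)
// are kept as-is instead of being double-encoded to &amp;#233;.
function escape_html_keep_numeric(string $s): string
{
    $escaped = escape_html($s);
    // Undo the & encoding only where it is followed by "#digits;".
    return preg_replace('/&amp;(#[0-9]{1,7};)/', '&$1', $escaped) ?? $escaped;
}

// Constructed sample inputs.
$samples = [
    'caf&#233;',                   // numeric entity typed by the user
    '<script>alert(1)</script>',   // markup that must be shown as text
    "' onmouseover='x",            // single quotes: needs ENT_QUOTES
    'Tom & Jerry &lt;3',           // bare & and a named entity
];

foreach ($samples as $in) {
    printf(
        "input:        %s\nescaped:      %s\nkeep numeric: %s\n\n",
        $in,
        escape_html($in),
        escape_html_keep_numeric($in)
    );
}
```

Only the first sample differs between the two helpers: caf&amp;#233; versus caf&#233;. A preserved numeric reference is decoded by the browser as a character of text, never as a tag or attribute delimiter, so markup and quotes stay neutralised in both cases.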