Jump to content

Blog Script Help


BaLtAzAr
 Share

Recommended Posts

Hello everyone.I am learning php and I started with the development of blog scripts.Most of the scripts I did for example:-Admin can add post-Admin can edit post-Admin can delete the post-Admin can give another user admin-Admin can change any code-Admin can delete someone adminThis is only the v1 in the next version will be much more botheringme but now if one admin to another user, admin, and now the adminthrough the form they want to add a post and put in a post such as:<script type = "text / javascript">windows.location = ("http :/ / www.google.com")</ script>Now when someone wants to look at this post because it will not be able to redirect it to the site www.google.comPosts are entered via the form to the mysql databaseNow I want to deprive any unso script or to prohibit entry <script> iltag to deprive <? php header ('Location: http://www.yoursite.com/new_page.html');?>Thanks in advance

Link to comment
Share on other sites

i am not sure about your question. doyou want to stop inserting executing external scripts?

Link to comment
Share on other sites

If you want to protect against things like XSS attacks then I would recommend using something like HTMLPurifier.
Do you write me to me some code to prohibit entry XSS code and php scripts to redirect? Sory for bad english :D Edited by BaLtAzAr
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...