Posts filed under 'Input Validation'
Regular Expressions (regex for short) appear to a lot of people as the 'black art' of coding. Most languages, be they PHP, Java, C, .NET, VB, etc., have a way of using regular expressions, and they can certainly make your job easier. So let's start on our journey into regular expressions. I am by no means an expert, but hopefully I'll be able to clear the fog that surrounds regular expressions!
Continue Reading June 13th, 2006
It's quite common for people to have one main template, and 'include' their content into the main content area. This works well for small informational sites, where the main content is the only bit that changes on each page.
You can spot these sites a mile away, with their URLs all following a similar pattern:
http://www.domain.com/index.php?page=home
There's nothing wrong with this as such; the issue arises when the page parameter isn't validated before it is used to include the content. First, let's see the code on index.php that pulls in our main content.
Continue Reading April 21st, 2006
It's quite common these days to ask users to input one or more phone numbers. Be it home, work, fax or mobile, everyone's got a number, and you will invariably need to collect that piece of data some time soon.
Looking at some sites, it's blatantly obvious that they do nothing to validate the data before it is entered into the database, and when it is later retrieved, it's printed out exactly as it was input. A better approach would be to:
- Validate the incoming phone number. At a minimum, make sure it has enough digits
- Store the phone number in a format that is easily retrievable and searchable
- When displaying this phone number in the future, we should have a standardised pattern of display
March 11th, 2006
It has become apparent that spammers are getting even smarter than we take them for. Rather than abuse open relays, which are almost non-existent, these scum-of-the-earth 'traders' are now abusing contact forms.
However, the problem isn't necessarily that they are attempting to use the contact forms. The problem that exists is that the average coder with little or no understanding of security issues can create a contact form for their website which can act as an open invitation to spammers.
The Problem
Let's take a quick look at a sample of code:
Continue Reading February 24th, 2006
I thought I'd do a few small tutorials on data validation. Pretty much all websites now require some sort of user input, be it in the form of a newsletter or user registration, or a shopping cart. It's important that this input data is validated, else you'll find the wrong sort of data gets in, either due to a malicious user, or a stupid one!
A lot of people get into PHP as it's rather easy to code, but they overlook the most simple of input validation routines to ensure that the data coming from the end user matches what they expect. The golden rule of writing a PHP application is to never trust the user input, whether it's come from a form via POST, the URL via GET or even a cookie.
Continue Reading December 21st, 2005