Anti-XSS

You have a successful website but you are afraid of hackers who are going to destroy your work? Prevent it! One of the most common attack types is XSS. If you can stop that, you are already fairly well protected against most attackers who try to log in under your name.

XSS
XSS stands for Cross-Site Scripting and allows an attacker to insert client-side code such as JavaScript or HTML into your pages. Once they have found an XSS hole they can easily steal your cookies and log in to your account.

Prevention? Easy! PHP has a function called htmlspecialchars. It replaces the characters that have a special meaning in HTML (such as < and >) with their HTML entities, so the input is displayed as text instead of being executed as HTML.

Example:

<?php
$text = '<script>alert(1);</script>';
echo htmlspecialchars($text); // Prints the text literally: <script>alert(1);</script>
echo $text;                   // Would execute <script>alert(1);</script>
?>

Output:
&lt;script&gt;alert(1);&lt;/script&gt;
<script>alert(1);</script>

So wherever people can supply input (URL parameters, form fields), pass it through htmlspecialchars() before you echo it, so it can't be executed!
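As an added example (not code from the original tutorial), the same idea applied to two places where user input commonly ends up, element text and a double-quoted attribute value, with the flags a practitioner would pass explicitly. The variable names and the sample inputs are constructed; in a real page they would come from $_GET or $_POST.

```php
<?php
// Added example, not code from the original tutorial.
// Shows htmlspecialchars() applied to form/URL input in two HTML
// contexts: element text and a double-quoted attribute value.
declare(strict_types=1);

// Escape a value for insertion into HTML.
// ENT_QUOTES also encodes the single quote (before PHP 8.1 the default
// left it alone), ENT_SUBSTITUTE replaces invalid UTF-8 instead of
// returning an empty string, and naming the charset avoids relying on
// the server default.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs standing in for $_GET['name'] and
// $_GET['colour']; in a real page they would come from the request.
$name   = '<script>alert(1);</script>';
$colour = 'blue" <i>';   // would close the attribute and open a tag if left raw

// Unsafe: both values are written into the page exactly as received.
echo '<p>Hello ' . $name . '</p>' . PHP_EOL;
echo '<input value="' . $colour . '">' . PHP_EOL;

// Safe: <, >, &, " and ' become entities, so the browser shows the
// input as text and cannot interpret any of it as markup.
echo '<p>Hello ' . e($name) . '</p>' . PHP_EOL;
echo '<input value="' . e($colour) . '">' . PHP_EOL;
```

Note that htmlspecialchars() is only the right tool for HTML body text and quoted attribute values; input placed inside a script block, a URL or a CSS value needs escaping specific to that context.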