waplet Posted September 22, 2008 Author Report Share Posted September 22, 2008 a kas tur nepareizs? Link to comment Share on other sites More sharing options...
Val Posted September 22, 2008 Report Share Posted September 22, 2008 (edited) un cik tālu ir pareizs? Edited September 22, 2008 by Val Link to comment Share on other sites More sharing options...
waplet Posted September 22, 2008 Author Report Share Posted September 22, 2008 Man povers par pareizību , kāpēc htmlspecialchars nestrādā1? Link to comment Share on other sites More sharing options...
Val Posted September 22, 2008 Report Share Posted September 22, 2008 (edited) nez. man vakar strādāja. :> $x = '<script>alert(1)</script>'; $y = htmlspecialchars($x); echo "pirms: $x<br />pēc: $y"; Edited September 22, 2008 by Val Link to comment Share on other sites More sharing options...
waplet Posted September 22, 2008 Author Report Share Posted September 22, 2008 Jā prikols tads , ka registrācijas failā es pieliekot htmlspecialchars , viss aizgaja , bet šis fails tieši negrib rukat! Link to comment Share on other sites More sharing options...
Val Posted September 22, 2008 Report Share Posted September 22, 2008 nu tak pārbaudi kodu da kaut pēc katras rindiņas izdrukā ko tev vajag pārbaudīt un skaties, kurā brīdī filma pazūd. pārējās includes arī neviens nav redzējis, izņemot tevi un vēl jautājums, vai vispār grib redzēt... Link to comment Share on other sites More sharing options...
waplet Posted September 22, 2008 Author Report Share Posted September 22, 2008 iekš func ir tikai function tiripiri(){ } kr4 daudz funkcijas tur ir , bet $uname nav funkcija! tas ir isset($_GET['uname']) Link to comment Share on other sites More sharing options...
Val Posted September 22, 2008 Report Share Posted September 22, 2008 ok. iemet to rindiņu te. Link to comment Share on other sites More sharing options...
waplet Posted September 22, 2008 Author Report Share Posted September 22, 2008 http://paste.php.lv/8047?lang=php re kur ir tas func_get_info.php un rekur ir func.php http://paste.php.lv/8048?lang=php itkā $Player_Name = $login , bet mūsu failā vēl ir $Player_Name = $uname! Link to comment Share on other sites More sharing options...
Val Posted September 22, 2008 Report Share Posted September 22, 2008 esmu stulbs, nevarēju atrast :D Link to comment Share on other sites More sharing options...
waplet Posted September 22, 2008 Author Report Share Posted September 22, 2008 nu laikam , bet povers , kāpēc tik un tā pēc htmlspecialčariem , met alertu :( Link to comment Share on other sites More sharing options...
marcis Posted September 23, 2008 Report Share Posted September 23, 2008 nu laikam , bet povers , kāpēc tik un tā pēc htmlspecialčariem , met alertu :( Tu izdarīji to, ko p4f teica? <CENTER>Персонаж <B><?=htmlspecialchars($uname);?></B> не найден в базе</CENTER> Link to comment Share on other sites More sharing options...
bubu Posted September 23, 2008 Report Share Posted September 23, 2008 marcis && p4F: paskatities tak pāris rindiņas augstāk: $uname = htmlspecialchars($uname); wapletam: kā jau teicu - iesaku sākt ar register_globals atslēgšanu. Tas iespējams palīdzēs tev saprast kodu, ko pats raksti. Link to comment Share on other sites More sharing options...
marcis Posted September 23, 2008 Report Share Posted September 23, 2008 bubu, pasaule pilna ar ļoļikiem <? $uname=htmlspecialchars($uname); $uname=htmlspecialchars_decode($uname); // šito citiem nerādam ?> bla bla <?=$uname;?> bla bla Link to comment Share on other sites More sharing options...
waplet Posted September 23, 2008 Author Report Share Posted September 23, 2008 Bubu es jau rakstiju , izslēdzot register globals , nerāda userus , ka ir tāds un cookii nojājas! Un kas būtu jāskatās kad viņu atslēdz? Link to comment Share on other sites More sharing options...
Recommended Posts