user input question

Eric C eric at newmag.org
Tue Apr 3 15:20:59 EDT 2007


Okay I see what you're saying.  The user can add his
own queries in $hash and I'll be exacuting their query
along with mine.  Do they need a space?  I could add
this to the top of the script:

// Is there a ' ' in $hash?
if (preg_match("<\s>", $hash) > 0) {
 echo " <p>That is not a correctly formed hash. 
<b>Please try again.</b></p>
     <a href=$linkback>Click here to return to the
main page.</a>";
  require(XOOPS_ROOT_PATH.'/footer.php');
  exit();
}


It will kick 'em out before anything else gets done. 
What do you think?

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.




More information about the Discuss mailing list