I am trying to create my own script like Feed Discussion, and I need to know what methods Vanilla uses to secure the post. For example, when we post a style tag for a CSS script, Vanilla removes it automatically.
Answers
You mean so nobody can see it?
or to prevent spammers?
or what?
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
I am trying to create my own script like Feed Discussion, and I need to know what methods Vanilla uses to secure the post. For example, when we post a style tag for a CSS script, Vanilla removes it automatically.
I am confused
htmlLawed
grep is your friend.
Oh you mean something like HtmLawed - something to validate and/or strip tags.
you could write your own preg_replace to replace anything that is not A-Za-z0-9 or whatever you want.
http://php.tutorialref.com/preg_replace-example.html
http://php.net/manual/en/function.preg-replace.php
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
I know preg_replace, lol. The point is I want my automatic posts to do the same as when we post manually.
htmLawed? I don't think so, because I post directly to the MySQL database.
I think that's the point...
Vanilla Wiki, Tastes Great! 31,000 viewers can't be wrong. || Plugin Development Explained
this question is so vague it is almost not worth answering.
grep is your friend.
This is what I've done; I need suggestions to make it secure.
// ---- cURL ----
// Note: the mysql_* functions used below were removed in PHP 7; this needs PHP 5 and an open mysql_connect() link.
$tautan = 'http://localhost/index.php?qa=feed&qa_1=questions.rss';
$target = curl_init();
curl_setopt($target, CURLOPT_URL, $tautan);
curl_setopt($target, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($target, CURLOPT_CONNECTTIMEOUT, 20); // 20-second timeout, in case it gets suspended
$ebol = curl_exec($target);
curl_close($target);
// $ebol = file_get_contents($tautan);
// $x = simplexml_load_string($ebol);
$x = new SimpleXMLElement($ebol);
// ----------------
// $dateTime is not defined in the snippet as posted; the current time is assumed here.
$dateTime = date('Y-m-d H:i:s');
foreach ($x->channel->item as $item) {
    // Title and description are escaped for SQL only; no HTML filtering happens here.
    $titlepost = mysql_real_escape_string((string) $item->title);
    $contentpost = mysql_real_escape_string((string) $item->description);
    if ($contentpost && $titlepost) {
        // Insert only if no discussion with the same title exists yet.
        if (!mysql_num_rows(mysql_query("SELECT Name FROM GDN_discussion WHERE Name='$titlepost'"))) {
            mysql_query("INSERT INTO GDN_discussion(CategoryID, InsertUserID, UpdateUserID, Name, Body, Format, DateInserted, DateUpdated)
                VALUES('1', '1', '1', '$titlepost', '$contentpost', 'Html', '$dateTime', '$dateTime')")
                or die(mysql_error());
        }
    }
}
by secure you mean strip out the potentially harmful tags such as
Assuming yes... then you need to add a function
then you need to call it...
that function would basically do what html lawed does...
Vanilla Wiki, Tastes Great! 31,000 viewers can't be wrong. || Plugin Development Explained
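One shape the function suggested above could take for the feed import, as an added example that is not part of the original thread and is neither Vanilla's nor htmLawed's code: a minimal allowlist filter built on PHP's DOM extension. The names `sanitizeFeedHtml` and `cleanChildren`, the tag lists and the sample description are assumptions made for illustration.

```php
<?php
// Added example (not Vanilla or htmLawed code); tag lists and sample input are constructed.
const ALLOWED_TAGS = ['p', 'br', 'b', 'i', 'em', 'strong', 'ul', 'ol', 'li', 'blockquote', 'pre', 'code', 'a'];
const DROP_WITH_CONTENT = ['script', 'style', 'iframe', 'object', 'embed', 'noscript', 'textarea', 'title'];
function cleanChildren(DOMNode $parent): void
{
    // Snapshot the child list: the loop removes and moves nodes while it runs.
    foreach (iterator_to_array($parent->childNodes, false) as $child) {
        if ($child instanceof DOMText) {
            continue; // text is escaped again by saveHTML()
        }
        $tag = strtolower($child->nodeName);
        if (!$child instanceof DOMElement || in_array($tag, DROP_WITH_CONTENT, true)) {
            $parent->removeChild($child); // comments, script, style and similar
            continue;
        }
        cleanChildren($child);
        if (!in_array($tag, ALLOWED_TAGS, true)) {
            // Unknown tag: keep its already-cleaned children, drop the element itself.
            while ($child->firstChild) {
                $parent->insertBefore($child->firstChild, $child);
            }
            $parent->removeChild($child);
            continue;
        }
        foreach (iterator_to_array($child->attributes, false) as $attr) {
            // Only <a href> survives, and only as an absolute http(s) URL.
            $ok = $tag === 'a' && strtolower($attr->nodeName) === 'href'
                && preg_match('#^https?://#i', trim($attr->value)) === 1;
            if (!$ok) {
                $child->removeAttributeNode($attr); // style, on* handlers, javascript: links
            }
        }
    }
}

function sanitizeFeedHtml(string $html): string
{
    libxml_use_internal_errors(true); // feed HTML is rarely well-formed
    $doc = new DOMDocument();
    // The meta prefix makes libxml read the fragment as UTF-8; it lands in <head>, not <body>.
    $doc->loadHTML('<meta http-equiv="Content-Type" content="text/html; charset=utf-8">' . $html);
    $body = $doc->getElementsByTagName('body')->item(0);
    if ($body === null) { return ''; }
    cleanChildren($body);
    return implode('', array_map([$doc, 'saveHTML'], iterator_to_array($body->childNodes, false)));
}
// Constructed feed description, standing in for $item->description.
$description = '<p style="color:red" onclick="x()">Hello <b>world</b></p><style>p{display:none}</style><a href="javascript:x()">link</a>';
echo sanitizeFeedHtml($description), "\n";
```

In the import loop, the filtered string would be what gets escaped and stored as `Body` instead of the raw description. A maintained sanitizer such as htmLawed, which the thread names, covers far more markup edge cases than this sketch.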
nobody would go to an easter egg hunt if the eggs were always sitting in a pile in the middle of the field.
Vanilla Wiki, Tastes Great! 31,000 viewers can't be wrong. || Plugin Development Explained
Sometimes deciphering the question is harder than providing the solution to a well framed question.
There are a few masters of the indecipherable question here, I could name a few but you know who you are and we know who you are.
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
it's like watching a murder mystery.. who dunnit?
Vanilla Wiki, Tastes Great! 31,000 viewers can't be wrong. || Plugin Development Explained