If you are new to domains and looking to buy, sell and learn about domains then you have come to the right place. DNForum is the largest domain name community on the internet and continues to grow every day. There are over 105,000 domainers on DNForum doing everything from buying domains, selling domains, learning about domains and discussing domains. Take a minute and Register.
Register Today on DNForum IT'S FREE!J/W.
I use cookies extensively, especially on sites where you have to "Log In". it is a lot easier (for me at least) to do it this way rather than passing variables in the hyperlink or hidden form fields.
I do not abuse cookies. Typically, I will only store the userid so it can be read and then looked up in a database to get any info I need about the user. All of my cookies are destroyed when the user shuts down the browser.
-Bob
. . .
Cookies a lot .. if you look around on php.net, you can find the header file so that IE6 [on default settings] will accept your cookie.
I stay away from javascript ... and use it only for imageovers.
I use JavaScript only for Form Validation. I also do form validation on the PERL / PH level too. Yes, this is double kill, but JavaScript validation is a LOT quicker. But if for some reason the user does not allow JavaScript on their browser, the PERL / PHP script will do the validation as well.Originally posted by AhmedF
I stay away from javascript ... and use it only for imageovers.
-Bob
. . .
I always do this because someone can get the source for your page, modify it by taking out the clientside javascript validation, and then submit crap into your database to corrupt it.Originally posted by Bob
I also do form validation on the PERL / PH level too.
I also commonly use this function when adding stuff to database fields because users may embed script that will be executed when you display the values in a web page.
More handy "safe" functions are here:PHP Code:function safehtml($str) {
//nuke script and header tags and anything inbetween
$str = preg_replace("'<script[^>]*?>.*?</script>'si", "", $str);
$str = preg_replace("'<head[^>]*?>.*?</head>'si", "", $str);
//listed of tags that will not be striped but whose attributes will be
$allowed = "br|b|i|p|u|a|block|pre|center|hr";
//start nuking those suckers. don you just love MS Word's HTML?
$str = preg_replace("/<((?!\/?($allowed)\b)[^>]*>)/xis", "", $str);
$str = preg_replace("/<($allowed).*?>/i", "<\\1>", $str);
return $str;
}
http://us4.php.net/strip_tags
Last edited by NameGuy; 08-18-2003 at 03:55 PM.
from your title, I don't think it's wise to rely on JavaScript / Cookie for your site to work right.
Unlimited Domain Hosting - $20/mo
Dedicated Server - $99/mo
I use sessions because then it doesn't store a cookie.
same hereOriginally posted by Darren06
I use sessions because then it doesn't store a cookie.
But I'm thinking of using cookies in the near future as I want to implement an affiliate program into my site.
Posting Permissions
Copyright © 2001-2011 DNForum.com™ / DNF.com™
Whois Domain Registration .com.au registration Website Designed by DCG.com
View Profile
View Forum Posts
View Forum Threads
View Friends
View Blog Entries
Reply With Quote
Bookmarks