""Albert Wiersch"" <support@xxxxxxxxxxxxxxxxx> wrote in message
news:D5.5A.52211.973D3774@xxxxxxxxxxxxxxx
I noticed my script at http://onlinewebcheck.com was sometimes (fairly
often) failing to open some URLs that users have entered. fopen() returns
false very quickly, but when tried again with the same URL, sometimes it
works. What would cause this behavior? Why does fopen() occasionally fail
to open valid http addresses but works at other times?
--
Albert Wiersch
You really need to filter your input more, have a list of what is acceptable
not what is unacceptable. That being, make it a requirement that the url
input has a TDL(.com, .net, .org, etc.) or is a valid IP(ping it), only
allow alphanumerics for the name, etc. When you don't validate your site
can get hacked, I know it's not really insecure but it's just an example of
input you may not expect, if you try to validate http://localhost it goes
ahead and validates your server's html.
- Dan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
