At 3:10 PM -0500 4/18/11, Shawn McKenzie wrote:
On 04/18/2011 12:06 PM, tedd wrote:Hi gang: Quite some time ago I had a demo that showed Javascript injection. It was where a user could type in: <script> alert("Evil Code");</script> and a JavaScript alert would be shown. But now my demo no longer works. So, what happened? Was there a php update that prohibited that sort of behavior or did hosts start setting something to OFF, or what? If you know, please explain. Thanks, teddMost likely like magic_quotes_gpc. Suhosin-Patch may protect against this as well (can't remember). -- Thanks! -Shawn
Shawn: Thanks, but it's something else. Cheers, tedd -- ------- http://sperling.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
