> -----Original Message-----
> From: Andre Dubuc [mailto:[EMAIL PROTECTED]]
> Sent: 28 May 2002 22:37
>
> if
> (eregi("<([^>]|\n)*>|/<SCRIPT.*?<\/SCRIPT>/ims|onClick|onLoad|
> onDblClick|
> onDragStart|onKeyDown|onKeyPress|onKeyUp|onMouseDown|onMouseMove|
> onMouseOut|MouseOver|SelectStart|Blur|Focus|Scroll|onMouseOver
> |onSelectStart|onBlur|
> onFocus|Scroll|SCRIPT|script|Select|Unload|Change||DELETE|rm|m
> kdir|COPY|
> CREATE|UPDATE|WHERE|AS|FROM|POST|INSERT|INTO|while", $rap));
Uh -- well, the semicolon on the end of that isn't going to help.
> {header("location:out.php");}
(This will always execute as the if's already been terminated!)
Cheers!
Mike
---------------------------------------------------------------------
Mike Ford, Electronic Information Services Adviser,
Learning Support Services, Learning & Information Services,
JG125, James Graham Building, Leeds Metropolitan University,
Beckett Park, LEEDS, LS6 3QS, United Kingdom
Email: [EMAIL PROTECTED]
Tel: +44 113 283 2600 extn 4730 Fax: +44 113 283 3211
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
