> Something like this (you might like to check the syntax, I'm working from
> memory here) might work:
>
> header('Content-Disposition: attachment; filename=somefile.html');
Thanks, I'll have to try that.
As for security, looks like I will need to watch out for the extensions.
Turns out that th
Dotan Cohen wrote:
On 7/16/05, Lauri Harpf <[EMAIL PROTECTED]> wrote:
I've been thinking of limiting this problem by preventing the direct
displaying of the code (ie. only allowing "Save As.." for the link to the
user-submitted HTML). I guess a bit of JS could prevent accidental
left-clicking on
On 7/16/05, Lauri Harpf <[EMAIL PROTECTED]> wrote:
> > Well, unless you have set your server up to execute PHP or CGI scripts in
> > .html files, which is a very bad idea, the only thing you need to worry
> > about is client-side scripting. You could just filter out all
> > tags if client-side scr
> Well, unless you have set your server up to execute PHP or CGI scripts in
> .html files, which is a very bad idea, the only thing you need to worry
> about is client-side scripting. You could just filter out all
> tags if client-side scripting isn't important for your
> application...
That'
Lauri Harpf wrote:
Now, if I make a point of not "chmod 755"ing the .html files in
question, the server should be safe from someone feeding a html file
with an embedded PHP script, right? Is there something else I should
be looking out for - or is there an even better way of handling the
transfer
5 matches
Mail list logo
