On 10/2/07, Al <[EMAIL PROTECTED]> wrote:
> I didn't mean that the function was foolproof, only the match function itself.
Understood. :-)
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
I didn't mean that the function was foolproof, only the match function itself.
However, your suggestion to add the line start is simple and effective.
Andrew Ballard wrote:
I'd suggest the following *slight* enhancement to make sure that the
HTTP_REFERER actually *begins* with the site name, no
Thanks for the info. I've modified the script to reflect that. I
actually ended up reversing it, and so I used !== 0 which should work
just the same.
All this is a minor portion of a much larger security scheme for an
intranet site (which is protected by an LDAP server), where I am just
t
I'd suggest the following *slight* enhancement to make sure that the
HTTP_REFERER actually *begins* with the site name, not simply contains
it.
// prevents visits from pages like
http://badsite.com/form.htm?http://www.wnc.edu
if (strpos($referer, $site) === 0)
{
echo 'yes';
}
(or, if you like
Frankly, I use preg_match() for this type of thing. It's simpler and foolproof.
The difference in speed is negligible.
Kevin Murphy wrote:
Overly simplified version of my code.
$site = "http://www.wnc.edu";;
$referer = $_SERVER["HTTP_REFERER"];
echo $referer;// the output is correct
I always get strpos wrong.
So typically in this case I would do something like:
list($file,$ext) = explode('.',$yourimage);
if ($ext != 'jpg' or $ext != 'jpeg')
{
error...
}
(More properly we should make sure jpg or jpeg are at the very end of the filename
i.e. you probably
don't like myfi
trpos($yourimage, ".jpg")) || (!strpos($yourimage, ".jpeg")))
J
>
> > -Original Message-
> > From: Martin Thoma [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, November 16, 2001 9:42 AM
> > To: [EMAIL PROTECTED]
> > Subject: Re: [PHP] Re
Oops. Forgot about 0 return ;(
> -Original Message-
> From: Martin Thoma [mailto:[EMAIL PROTECTED]]
> Sent: Friday, November 16, 2001 9:42 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [PHP] Re: strpos
>
>
> > if (!strpos(...))
> > will be better...
>
> if (!strpos(...))
> will be better...
Why?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]
Hello!
if (!strpos(...))
will be better...
Best regards,
Andrew Kirilenko.
> -Original Message-
> From: Martin Thoma [mailto:[EMAIL PROTECTED]]
> Sent: Friday, November 16, 2001 9:28 AM
> To: [EMAIL PROTECTED]
> Subject: [PHP] Re: strpos
>
>
> strpos return f
strpos return false if the search fails. You have therefore to test for:
if (strpos(...,...) === false)
or
if (strpos(...,...) !== false)
Martin
Jtjohnston wrote:
> I suppose I'm doing this right? I want to know if the user entered
> "\.jpeg" or "\.jpg". If he didn't, it should error.
>
> I
11 matches
Mail list logo
