The security shouldn't be a problem. The user will be taken to
www.whatever.com/index.php?page=thispage
index.php then searches for a record with name = thispage and then evaluates
the code stored in a different column of the database.
If the name isn't found, "This page cannot be found" is displa
The security danger comes from someone calling things like
site_domain/page.php?var=url_encoded_code_here
which will then execute all the code...
Of course you can before getting the code from the database, clear the
var and later check for it's size...
Cheers,
Luis Ferro
TelaDigital
Micha
eval ('?>'.$var.' then comes the content of the php script which also can
contain
html and then we reopen
and you say
$var = "";
you'll result in
...
eval("?> schrieb im Newsbeitrag
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> Hi.
> I'm changing my website to one based on My-SQL which will
