TalkPHP - View Single Post

Aaron · 04-16-2008, 05:26 AM

Okay, so I needed to make sure that I couldn't get XSSed through a get variable... needless to day I didn't remember what to do and I resorted to using regex to check it.

this is the code:

PHP Code:


			
if (preg_match($_GET["report"],'^http://*.com(/)?$') )
  mew();

04-16-2008, 05:26 AM	#1 (permalink)
Aaron The Frequenter Join Date: Dec 2007 Location: In my basement Posts: 386 Thanks: 47	Is this a propert URL regex? Okay, so I needed to make sure that I couldn't get XSSed through a get variable... needless to day I didn't remember what to do and I resorted to using regex to check it. this is the code: PHP Code: `if (preg_match($_GET["report"],'^http://.com(/)?$') ) mew();` __________________ Signatures are nothing but incriminating. Last edited by Aaron : 04-16-2008 at 05:47 AM.*