 Is there any way I could beat the problem of users adding html in groupes and other parts (it would be nice in profiles) But hackers! ........ahhhh!!! I hate em . What if you could have all this user added html dumped on a different server so any malicious code cant mix with your data base and pages. you could have a html block that displays the desired content in an iframe...... . Is this a good idea????? Is it possable?????? Lol I am paranoid!!!!!!! |
like for instance ORCA could be hosted somewhere else |
there are loads of opertunitys to add in html on dolphin which means you can add any bad files viruses ect... Is there some way to make shure that If anything is added it will stay in the directory that it is put in like all the html that users add stays in the cage and isnt aloud out. there must be some way?? there are quite a few opertunitys |
Look at this script http://www.webmasterworld.com/forum13/1183.htm Can we apply this to the parts in articals, blogs, create groups, and any other part that alows a user to insert html? In my oppinion any part of a site that lets users add anything that they want is a BAD IDEA! But I am a long standing member of http://vampirefreaks.com/ Vampire freaks lets users add html to there profiles no problem....HOW?????? why can they do it and have no hacks? |
