Looks great.
Looks great.
Thanks :]
The message url?
you mean error.php?message=bla What is wrong with that?
It's not a security hole aslong as he filters it correctly, which we know he does.
It wouldn't really matter anyway, you could just execute Javascript, which wouldn't matter, all you could get is the document cookie.. which only contains the php session ID, which is checked.
I find scriptaculous and jQuery is personal preference but simply less typing imo.
How could this hapen to meeeeeeeeeeeeeee?lol.
Want to hide these adverts? Register an account for free!