PhotoPost Community - View Single Post

Chuck S · April 1st, 2005, 09:18 AM

Our zipcode integration is only US supported and what is packaged with the product.

You may post all the file modifications at the hack site meantioned above

You are the one wrong about the intval thing.

".intval($prodzipcode)." THAT IS A SANITISER you do not remove that

You dont need to sanatize a SELECT statement (thats pulling info from the database) however you do need to sanatize or check that the INPUTED DATA into an INSERT is sanatized to prevent malicious html etc from being entered.

We do not allow users to post potential bugs on our support forum hense is why I removed your code and asked you to post this elsewhere. Please refrain from posting any more code blocks that could confuse our customers and have them alter there code unsecurely.

April 1st, 2005, 09:18 AM	#4 (permalink)
Chuck S Photopost Developer Verified Customer Join Date: Jun 2002 Location: Abingdon,MD Posts: 68,044	Our zipcode integration is only US supported and what is packaged with the product. You may post all the file modifications at the hack site meantioned above You are the one wrong about the intval thing. ".intval($prodzipcode)." THAT IS A SANITISER you do not remove that You dont need to sanatize a SELECT statement (thats pulling info from the database) however you do need to sanatize or check that the INPUTED DATA into an INSERT is sanatized to prevent malicious html etc from being entered. We do not allow users to post potential bugs on our support forum hense is why I removed your code and asked you to post this elsewhere. Please refrain from posting any more code blocks that could confuse our customers and have them alter there code unsecurely. __________________ Photopost Developer and Support Engineer Please do not PM me for support or sales questions. Thank you for your understanding.