From: Matthew G. <gr...@mu...> - 2002-03-28 19:26:16
|
I need a way for users to publish their surveys that doesn't require the user or the administrator to create a php include. It can be very simple to start with, but I could see adding a user definable CSS as an easy addition, before we make the transition into XML/XLT. I understand the risks of accepting "tainted" user input. So what's wrong with this: <?php $sid=intval($id); include("/blah/public/handler.php");?> $id has been "un-tainted" with intval. -- brought to you by, Matthew Gregg... one of the friendly folks in the IT Lab. --------------------------------------\ The IT Lab (http://www.itlab.musc.edu) \____________________ Probably the world's premier software development center. Serving: Programming, Tools, Ice Cream, Seminars |