Re: [Phpwebsite-developers] Security Explained

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

> we can lock out all html tags from normal users leaving them just 
> with BBCode? That would solve a great many of these types of security 
> issues.

Quick note: the hack works with BBCode as well
[img]index.php?module=users&doevil=1[/img]

-- 
Matthew McNaney
Internet Systems Architect
Electronic Student Services
Appalachian State University
Phone: 828-262-6493
http://phpwebsite.appstate.edu
http://ess.appstate.edu