""Albert Wiersch"" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED]

I noticed my script at http://onlinewebcheck.com was sometimes (fairly often) failing to open some URLs that users have entered. fopen() returns false very quickly, but when tried again with the same URL, sometimes it works. What would cause this behavior? Why does fopen() occasionally fail to open valid http addresses but works at other times?

--
Albert Wiersch

You really need to filter your input more, have a list of what is acceptable not what is unacceptable. That being, make it a requirement that the url input has a TDL(.com, .net, .org, etc.) or is a valid IP(ping it), only allow alphanumerics for the name, etc. When you don't validate your site can get hacked, I know it's not really insecure but it's just an example of input you may not expect, if you try to validate http://localhost it goes ahead and validates your server's html.

- Dan
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to