bruce wrote:
rob,
i'm fully aware of the issues, and for the targeted sites that i'm focusing
on, i can employ strategies to prune the tree... but the overall issue is
that i'm looking for a tool/app/process that does what i've described.
the basic logic is that the app needs to use a config file, and that the app
should somehow find the requisite form using perhaps xpath, in combination
with some kind of pattern recognition/regex functionality...
once the app has the form, it can then get the underlying "stuff"
(selects/lists/items, etc.. which will form the basis for the querystrings
to the form action...
Don't know of anything that does this off hand but it'd be a good
project for a security check app :) See what values/options the form
accepts and what it fails with..
--
Postgresql & php tutorials
http://www.designmagick.com/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
