When we say that the text should not be some sort of character (Eg # # #) we did a few times to check, and the script - one. And it's great! If we introduce # # # this script will truncate if : msg_start: script and it will cut. And if # : msg_start :#: msg_start: #? Not sure what's left? I know! Remain # # # and the script does not filter out since it is already filtered and now believes that fulfilled all that was required of him! Thanks to this body of writing that will be retained in a file that is intended for this to be violated and nobody will know, but when the user looks strange record everything and pops! We introduce a little more and get filthy guestbook, with a dusting of which the admin will be a very long time to suffer and, most importantly, in manual mode as due to a strings from admin it is not cleaned. Still want to? Yes, easily! There is a special bar codes. Themselves asked for it - yes, we introduce *, more. Garbage, too, will come out, and in some cases, nothing will come out. Similarly to about username will say that there do nothing else.
If something else wants to do is try for yourself. Now, for the administrators. If you do not want your guest book has been attacked in such a way that Replace the filter expressions on their codes, and whatever strangeness it may seem, more restrict users that they introduce. Believe me, it's not difficult, but as cool. And the more you change the special character of their codes the longer hold out your guestbook. In conclusion, I will provide data that must be integrated in all forms in order to be able to heartily laugh at the admin guestbook: Username: # # # Mail: / / [email protected] message: * * * * * * * * * * * * * * Now everyone will see a message in which nothing, but still left him a man without a name.
If something else wants to do is try for yourself. Now, for the administrators. If you do not want your guest book has been attacked in such a way that Replace the filter expressions on their codes, and whatever strangeness it may seem, more restrict users that they introduce. Believe me, it's not difficult, but as cool. And the more you change the special character of their codes the longer hold out your guestbook. In conclusion, I will provide data that must be integrated in all forms in order to be able to heartily laugh at the admin guestbook: Username: # # # Mail: / / [email protected] message: * * * * * * * * * * * * * * Now everyone will see a message in which nothing, but still left him a man without a name.
Recent Comments