|
We should probably put the major CMSs in here as well.
|
# ¿ Mar 19, 2008 22:48 |
|
|
# ¿ Apr 29, 2024 12:55 |
|
Zorilla posted:Is there a good way to gracefully reject file uploads that are too large? Limits are usually controlled through php.ini or other files that compliment it such as .htaccess, which means PHP is the one throwing a fit when something is too big. I think you should set it with html. <input type="hidden" name="MAX_FILE_SIZE" value="500" /> Aturaten posted:Is there any way to get a DIVs size using PHP? I really need to find this out soon, this image gallery is killing me. PHP has no idea of knowing what the page actually looks like in the browser or DOM. jQuery is your friend here.
|
# ¿ Oct 3, 2008 00:11 |
|
Hammerite posted:Just wanted to check that there aren't any security issues with doing this. User has been given to understand that any security concerns associated with using this facility are his problem, not mine, but I'd like to know. Don't send passwords using GET.
|
# ¿ Oct 15, 2009 01:40 |
|
POST will never appear in a URL string. It takes a lot amount more detective work to grab a password from POST compared to GET. If it is just one customer then put that functionality in but restrict it to the single login. POST isn't encrypted, but it at least tries to hide things.
|
# ¿ Oct 15, 2009 03:29 |
|
I'm not worried about the determined hacker. I'm worried about the unwilling hacker. Having a password in GET opens you up to people who don't know anything. POST at least requires a tiny bit of knowledge about how things work and is less likely to persist. Just warn the guy and do what you can to convince him to take a few steps for security. GET is a bad idea.
|
# ¿ Oct 15, 2009 05:34 |
|
|
# ¿ Apr 29, 2024 12:55 |
|
I have been using this for something simple.code:
|
# ¿ Oct 16, 2009 16:44 |