how can this be

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    how can this be

    have small problem with a persistant user who am trying to keep off my sites .

    i come across a bug with the lenght of username. .the form is set at max length 12 .and when i try it in opera or firefox it stops me at 12 characters . i will admit tho the sql length was set at 30 which i have rectified .. but even set at 30 how can someone enter more than 12 characters in a form thats set at 12. ???
    Code:
    $rform = "<form action=\"register.php\" method=\"post\"><p align=\"center\">";
  
  $rform .= "$ue Username: <input name=\"uid\" style=\"-wap-input-format: '*x'\" maxlength=\"12\"/><br/>";
    Wapchat4u


    Topsites4u
    Tags: None
    #2
    dont knw if yrs same as mine dave but on mine theres 2 bits 1 in index.php and others in core.php and 1 was set at 12 other was set at 30 and wasnt till set both to 12 it solved it

    Comment

      #3
      me thinks its register and core mate but will have a look at index anyway lol .
      Wapchat4u


      Topsites4u

      Comment

        #4
        yeah theres defo bit in mine on index m8

        Comment

          #5
          if(strlen($uid)>12){ chars length must be 12 only }

          Comment

            #6
            where do i put that ?
            Wapchat4u


            Topsites4u

            Comment

              #7
              register.php

              Comment

                #8
                people enter more characters by using css or by using scripts on browsers to modify form fields
                Last edited by something else; 21.06.10, 16:22.

                Comment

                  #9
                  ive got an addon that lets me change form fields, so dont think u can prevent it

                  Comment

                    #10
                    hey, your prob is your username max length is 12, and user can reg with more than 12char in username? its actually happened when anyone try to register with opera mini browser.it has the simple solution

                    Comment

                      #11
                      Originally posted by animal1982
                      ive got an addon that lets me change form fields, so dont think u can prevent it
                      . . .shut the fu.ck up i can 8-) anyone can.
                      Make sure ur database and script uses utf8-general, or any utf8. There myt be length issues when the encoding is different (thanks to twitter for that find) anyway, to stop that, try blocking it from client-side AND server-side! First like i said make sure ur db charset is utf8, then set the char limit to the amount u want, in dis case 12 (u may ave to change the db charset row by row). Then client side verification (useless bt oh well) using the maxlength attribute of the form tag, u can also use javascript since it wil be ignored by most mobile users bt NOT opera mini. The server side is more effective though:
                      PHP Code:
                      /// Put this line on top your registration page before accessing any $_POST array set
                      foreach($_POST as $post)$_POST trim($post);

                      /// The validation, dnt 4get to sanitize the data, and accept just alphanumeric characters
                      $uname $_POST['uname'];
                      if( !                       strlen($uname) < 13 AND ! strlen($uname) > 3){
                      /// Thats an error right there.

                      you might want to consider javascripting too tho as its effective to a point.

                      Comment

                        #12
                        Originally posted by mobileGIGS View Post
                        . . .shut the fu.ck up i can 8-) anyone can.
                        Make sure ur database and script uses utf8-general, or any utf8. There myt be length issues when the encoding is different (thanks to twitter for that find) anyway, to stop that, try blocking it from client-side AND server-side! First like i said make sure ur db charset is utf8, then set the char limit to the amount u want, in dis case 12 (u may ave to change the db charset row by row). Then client side verification (useless bt oh well) using the maxlength attribute of the form tag, u can also use javascript since it wil be ignored by most mobile users bt NOT opera mini. The server side is more effective though:
                        PHP Code:
                        /// Put this line on top your registration page before accessing any $_POST array set
                        foreach($_POST as $post)$_POST trim($post);

                        /// The validation, dnt 4get to sanitize the data, and accept just alphanumeric characters
                        $uname $_POST['uname'];
                        if( !                         strlen($uname) < 13 AND ! strlen($uname) > 3){
                        /// Thats an error right there.

                        you might want to consider javascripting too tho as its effective to a point.
                        //////////////////

                        fu.ck up gigs was just addin to what something else said

                        Comment

                        Previous template Next
                        Working...
                        X