It took me about 2 minutes :D. I'm into PHP now. Link: evil_bartek.byethost9.com
byethost is a very good webhosting website, UNLIMITED BANDWIDTH AND UPLOAD SIZES! but only 50mb worth of MySQL data, but I don't even think I will need 3mb.
On topic:
This is a VERY basic form with a bound PHP script.
You enter your name and your age and it will greet you.
How to do this the cool way:
evil_bartek.byethost9.com/welcome.php?fname=NAME&age=AGE
People interested in seeing the source code, PM me.
See you later,
rokit boy.
My first PHP and HTML website.
It's been only an hour since you made the thread. Calm down.
The script is extremely basic. And also not very secure. See http://evil_bartek.byethost9.com/welcome.php?fname=%3Ciframe%20width=%22425%22%20height=%22344%22%20src=%22http://www.youtube.com/embed/A_sY2rjxq6M?fs=1&autoplay=1&loop=1%22%20frameborder=%220%22%20allowFullScreen=%22%22%3E%3C/iframe%3E&age=B
At the moment that isn't a very big problem, but if you were using a database, it would be an EXTREMELY big problem. Note that the iframe doesn't really work since you're escaping " and ', but sometimes that isn't enough.
This should help prevent the above example.
http://php.net/manual/en/function.htmlspecialchars.php
And once you start working with databases, read this
http://si2.php.net/manual/en/security.d ... ection.php
Wow I totally fail at PHP.
Failed.
Code:
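<html>
<body>
<?php
// Only greet when both parameters are present and non-empty.
if (isset($_GET["fname"], $_GET["age"]) and $_GET["fname"] != "" and $_GET["age"] != "")
{
    // ENT_QUOTES also encodes " and '; ENT_DISALLOWED on its own leaves quotes unescaped.
    $age = htmlspecialchars($_GET["age"], ENT_QUOTES | ENT_DISALLOWED, "UTF-8");
    $name = htmlspecialchars($_GET["fname"], ENT_QUOTES | ENT_DISALLOWED, "UTF-8");
    echo "Welcome " . $name . "!\nYou are " . $age . " years old.";
} else {
    echo "Welcome " . "UNKNOWN" . "!\nYou are " . "UNKNOWN" . " years old.";
}
?>
</body>
</html>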
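An added example, not code from any poster in this thread: the same greeting with the name encoded on output and the age validated as an integer, run against the iframe value from the link earlier in the thread. The helper names h() and render_greeting(), the 0-150 age range and the sample inputs are assumptions made for illustration; PHP 7.0 or later is assumed.

```php
<?php
// Added example; h() and render_greeting() are hypothetical helper names.

// Encode for HTML text or a quoted attribute: ENT_QUOTES covers both " and ',
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Build the greeting from raw query parameters (pass $_GET on a real page).
function render_greeting(array $query): string
{
    // Reject missing values and array-valued parameters such as fname[]=x.
    $name = isset($query['fname']) && is_string($query['fname'])
        ? trim($query['fname']) : '';
    // The age is validated as a number rather than merely encoded.
    // The 0-150 range is an arbitrary choice for this example.
    $age = filter_var($query['age'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 150]]);
    if ($name === '' || $age === false) {
        return 'Welcome UNKNOWN! You are UNKNOWN years old.';
    }
    return 'Welcome ' . h($name) . '! You are ' . $age . ' years old.';
}

// The fname value from the link in the thread, URL-decoded.
$iframe = '<iframe width="425" height="344" '
    . 'src="http://www.youtube.com/embed/A_sY2rjxq6M?fs=1&autoplay=1&loop=1" '
    . 'frameborder="0" allowFullScreen=""></iframe>';

// age=B, as in the link: integer validation fails, so the fallback is shown.
echo render_greeting(['fname' => $iframe, 'age' => 'B']), "\n";
// Valid age: the markup is emitted as entity-encoded text, not as an element.
echo render_greeting(['fname' => $iframe, 'age' => '17']), "\n";

// Constructed sample showing why the flags matter. ENT_DISALLOWED on its own
// drops the quote-handling flag, so " and ' pass through unencoded; that is
// harmless in text but unsafe if the value is ever placed in an attribute.
$quoted = 'Bartek "rokit" O\'Boy';
echo htmlspecialchars($quoted, ENT_DISALLOWED, 'UTF-8'), "\n";
echo h($quoted), "\n";
```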