Zihni Kaya

ASCII Kod Tablosu– 7 bit

Tem 1st, 2010

yazar admin.

Char	Description	Decimal	Octal	Hexadecimal	Binary
NUL	(Null char.)	000	000	000	00000000
SOH	(Start of Header)	001	001	001	00000001
STX	(Start of Text)	002	002	002	00000010
ETX	(End of Text)	003	003	003	00000011
EOT	(End of Transmission)	004	004	004	00000100
ENQ	(Enquiry)	005	005	005	00000101
ACK	(Acknowledgment)	006	006	006	00000110
BEL	(Bell)	007	007	007	00000111
BS	(Backspace)	008	010	008	00001000
HT	(Horizontal Tab)	009	011	009	00001001
LF	(Line Feed)	010	012	00A	00001010
VT	(Vertical Tab)	011	013	00B	00001011
FF	(Form Feed)	012	014	00C	00001100
CR	(Carriage Return)	013	015	00D	00001101
SO	(Shift Out)	014	016	00E	00001110
SI	(Shift In)	015	017	00F	00001111
DLE	(Data Link Escape)	016	020	010	00010000
DC1	(XON) (Device Control 1)	017	021	011	00010001
DC2	(Device Control 2)	018	022	012	00010010
DC3	(XOFF)(Device Control 3)	019	023	013	00010011
DC4	(Device Control 4)	020	024	014	00010100
NAK	(Negative Acknowledgement)	021	025	015	00010101
SYN	(Synchronous Idle)	022	026	016	00010110
ETB	(End of Trans. Block)	023	027	017	00010111
CAN	(Cancel)	024	030	018	00011000
EM	(End of Medium)	025	031	019	00011001
SUB	(Substitute)	026	032	01A	00011010
ESC	(Escape)	027	033	01B	00011011
FS	(File Separator)	028	034	01C	00011100
GS	(Group Separator)	029	035	01D	00011101
RS	(Request to Send)(Record Separator)	030	036	01E	00011110
US	(Unit Separator)	031	037	01F	00011111
SP	(Space)	032	040	020	00100000
!	(exclamation mark)	033	041	021	00100001
“	(double quote)	034	042	022	00100010
#	(number sign)	035	043	023	00100011
$	(dollar sign)	036	044	024	00100100
%	(percent)	037	045	025	00100101
&	(ampersand)	038	046	026	00100110
‘	(single quote)	039	047	027	00100111
(	(left/opening parenthesis)	040	050	028	00101000
)	(right/closing parenthesis)	041	051	029	00101001
*	(asterisk)	042	052	02A	00101010
+	(plus)	043	053	02B	00101011
,	(comma)	044	054	02C	00101100
-	(minus or dash)	045	055	02D	00101101
.	(dot)	046	056	02E	00101110
/	(forward slash)	047	057	02F	00101111
0		048	060	030	00110000
1		049	061	031	00110001
2		050	062	032	00110010
3		051	063	033	00110011
4		052	064	034	00110100
5		053	065	035	00110101
6		054	066	036	00110110
7		055	067	037	00110111
8		056	070	038	00111000
9		057	071	039	00111001
:	(colon)	058	072	03A	00111010
;	(semi-colon)	059	073	03B	00111011
<	(less than)	060	074	03C	00111100
=	(equal sign)	061	075	03D	00111101
>	(greater than)	062	076	03E	00111110
?	(question mark)	063	077	03F	00111111
@	(AT symbol)	064	100	040	01000000
A		065	101	041	01000001
B		066	102	042	01000010
C		067	103	043	01000011
D		068	104	044	01000100
E		069	105	045	01000101
F		070	106	046	01000110
G		071	107	047	01000111
H		072	110	048	01001000
I		073	111	049	01001001
J		074	112	04A	01001010
K		075	113	04B	01001011
L		076	114	04C	01001100
M		077	115	04D	01001101
N		078	116	04E	01001110
O		079	117	04F	01001111
P		080	120	050	01010000
Q		081	121	051	01010001
R		082	122	052	01010010
S		083	123	053	01010011
T		084	124	054	01010100
U		085	125	055	01010101
V		086	126	056	01010110
W		087	127	057	01010111
X		088	130	058	01011000
Y		089	131	059	01011001
Z		090	132	05A	01011010
[	(left/opening bracket)	091	133	05B	01011011
\	(back slash)	092	134	05C	01011100
]	(right/closing bracket)	093	135	05D	01011101
^	(caret/cirumflex)	094	136	05E	01011110
_	(underscore)	095	137	05F	01011111
`		096	140	060	01100000
a		097	141	061	01100001
b		098	142	062	01100010
c		099	143	063	01100011
d		100	144	064	01100100
e		101	145	065	01100101
f		102	146	066	01100110
g		103	147	067	01100111
h		104	150	068	01101000
i		105	151	069	01101001
j		106	152	06A	01101010
k		107	153	06B	01101011
l		108	154	06C	01101100
m		109	155	06D	01101101
n		110	156	06E	01101110
o		111	157	06F	01101111
p		112	160	070	01110000
q		113	161	071	01110001
r		114	162	072	01110010
s		115	163	073	01110011
t		116	164	074	01110100
u		117	165	075	01110101
v		118	166	076	01110110
w		119	167	077	01110111
x		120	170	078	01111000
y		121	171	079	01111001
z		122	172	07A	01111010
{	(left/opening brace)	123	173	07B	01111011
\|	(vertical bar)	124	174	07C	01111100
}	(right/closing brace)	125	175	07D	01111101
~	(tilde)	126	176	07E	01111110
DEL	(delete)	127	177	07F	01111111

Kategori: Kategorilenmemiş.

Karakterlerin HTML entitileri

Tem 1st, 2010

yazar Zihni.

Henüz yorum yok

Code (Decimal)	Name	Char by Code	Char by Name
"	"	“	“
&	&	&	&
<	<	<	<
>	>	>	>

¡	¡	¡	¡
¢	¢	¢	¢
£	£	£	£
¤	¤	¤	¤
¥	¥	¥	¥
¦	¦	¦	¦
§	§	§	§
¨	¨	¨	¨
©	©	©	©
ª	ª	ª	ª
«	«	«	«
¬	¬	¬	¬

®	®	®	®
¯	¯	¯	¯
°	°	°	°
±	±	±	±
²	²	²	²
³	³	³	³
´	´	´	´
µ	µ	µ	µ
¶	¶	¶	¶
·	·	·	·
¸	¸	¸	¸
¹	¹	¹	¹
º	º	º	º
»	»	»	»
¼	¼	¼	¼
½	½	½	½
¾	¾	¾	¾
¿	¿	¿	¿
À	À	À	À
Á	Á	Á	Á
Â	Â	Â	Â
Ã	Ã	Ã	Ã
Ä	Ä	Ä	Ä
Å	Å	Å	Å
Æ	Æ	Æ	Æ
Ç	Ç	Ç	Ç
È	È	È	È
É	É	É	É
Ê	Ê	Ê	Ê
Ë	Ë	Ë	Ë
Ì	Ì	Ì	Ì
Í	Í	Í	Í
Î	Î	Î	Î
Ï	Ï	Ï	Ï
Ð	Ð	Ð	Ð
Ñ	Ñ	Ñ	Ñ
Ò	Ò	Ò	Ò
Ó	Ó	Ó	Ó
Ô	Ô	Ô	Ô
Õ	Õ	Õ	Õ
Ö	Ö	Ö	Ö
×	×	×	×
Ø	Ø	Ø	Ø
Ù	Ù	Ù	Ù
Ú	Ú	Ú	Ú
Û	Û	Û	Û
Ü	Ü	Ü	Ü
Ý	Ý	Ý	Ý
Þ	Þ	Þ	Þ
ß	ß	ß	ß
à	à	à	à
á	á	á	á
â	â	â	â
ã	ã	ã	ã
ä	ä	ä	ä
å	å	å	å
æ	æ	æ	æ
ç	ç	ç	ç
è	è	è	è
é	é	é	é
ê	ê	ê	ê
ë	ë	ë	ë
ì	ì	ì	ì
í	í	í	í
î	î	î	î
ï	ï	ï	ï
ð	ð	ð	ð
ñ	ñ	ñ	ñ
ò	ò	ò	ò
ó	ó	ó	ó
ô	ô	ô	ô
õ	õ	õ	õ
ö	ö	ö	ö
÷	÷	÷	÷
ø	ø	ø	ø
ù	ù	ù	ù
ú	ú	ú	ú
û	û	û	û
ü	ü	ü	ü
ý	ý	ý	ý
þ	þ	þ	þ
ÿ	ÿ	ÿ	ÿ
Œ	&OElig;	Œ	Œ
œ	&oelig;	œ	œ
Š	&Scaron;	Š	Š
š	&scaron;	š	š
Ÿ	&Yuml;	Ÿ	Ÿ
ƒ	&fnof;	ƒ	ƒ
ˆ	&circ;	ˆ	ˆ
˜	&tilde;	˜	˜
Α	Α	Α	Α
Β	Β	Β	Β
Γ	Γ	Γ	Γ
Δ	Δ	Δ	Δ
Ε	Ε	Ε	Ε
Ζ	Ζ	Ζ	Ζ
Η	Η	Η	Η
Θ	Θ	Θ	Θ
Ι	Ι	Ι	Ι
Κ	Κ	Κ	Κ
Λ	Λ	Λ	Λ
Μ	Μ	Μ	Μ
Ν	Ν	Ν	Ν
Ξ	Ξ	Ξ	Ξ
Ο	Ο	Ο	Ο
Π	Π	Π	Π
Ρ	Ρ	Ρ	Ρ
Σ	Σ	Σ	Σ
Τ	Τ	Τ	Τ
Υ	Υ	Υ	Υ
Φ	Φ	Φ	Φ
Χ	Χ	Χ	Χ
Ψ	Ψ	Ψ	Ψ
Ω	Ω	Ω	Ω
α	α	α	α
β	β	β	β
γ	γ	γ	γ
δ	δ	δ	δ
ε	ε	ε	ε
ζ	ζ	ζ	ζ
η	η	η	η
θ	θ	θ	θ
ι	ι	ι	ι
κ	κ	κ	κ
λ	λ	λ	λ
μ	μ	μ	μ
ν	ν	ν	ν
ξ	ξ	ξ	ξ
ο	ο	ο	ο
π	π	π	π
ρ	ρ	ρ	ρ
ς	&sigmaf;	ς	ς
σ	σ	σ	σ
τ	τ	τ	τ
υ	υ	υ	υ
φ	φ	φ	φ
χ	χ	χ	χ
ψ	ψ	ψ	ψ
ω	ω	ω	ω
ϑ	&thetasym;	ϑ	ϑ
ϒ	&upsih;	ϒ	ϒ
ϖ	ϖ	ϖ	ϖ
	&ensp;
	&emsp;

‌	&zwnj;	‌	‌
‍	&zwj;	‍	‍
‎	&lrm;	‎	‎
‏	&rlm;	‏	‏
–	–	–	–
—	—	—	—
‘	‘	‘	‘
’	’	’	’
‚	&sbquo;	‚	‚
“	“	“	“
”	”	”	”
„	&bdquo;	„	„
†	&dagger;	†	†
‡	&Dagger;	‡	‡
•	•	•	•
…	…	…	…
‰	&permil;	‰	‰
′	′	′	′
″	″	″	″
‹	&lsaquo;	‹	‹
›	&rsaquo;	›	›
‾	&oline;	‾	‾
⁄	&frasl;	⁄	⁄
€	€	€	€
ℑ	&image;	ℑ	ℑ
℘	&weierp;	℘	℘
ℜ	&real;	ℜ	ℜ
™	™	™	™
ℵ	&alefsym;	ℵ	ℵ
←	←	←	←
↑	↑	↑	↑
→	→	→	→
↓	↓	↓	↓
↔	↔	↔	↔
↵	&crarr;	↵	↵
⇐	⇐	⇐	⇐
⇑	&uArr;	⇑	⇑
⇒	⇒	⇒	⇒
⇓	&dArr;	⇓	⇓
⇔	⇔	⇔	⇔
∀	∀	∀	∀
∂	∂	∂	∂
∃	∃	∃	∃
∅	∅	∅	∅
∇	∇	∇	∇
∈	∈	∈	∈
∉	∉	∉	∉
∋	&ni;	∋	∋
∏	∏	∏	∏
∑	∑	∑	∑
−	−	−	−
∗	&lowast;	∗	∗
√	√	√	√
∝	&prop;	∝	∝
∞	∞	∞	∞
∠	&ang;	∠	∠
∧	&and;	∧	∧
∨	&or;	∨	∨
∩	∩	∩	∩
∪	∪	∪	∪
∫	∫	∫	∫
∴	&there4;	∴	∴
∼	&sim;	∼	∼
≅	&cong;	≅	≅
≈	≈	≈	≈
≠	≠	≠	≠
≡	&equiv;	≡	≡
≤	≤	≤	≤
≥	≥	≥	≥
⊂	⊂	⊂	⊂
⊃	⊃	⊃	⊃
⊄	&nsub;	⊄	⊄
⊆	&sube;	⊆	⊆
⊇	&supe;	⊇	⊇
⊕	&oplus;	⊕	⊕
⊗	&otimes;	⊗	⊗
⊥	&perp;	⊥	⊥
⋅	⋅	⋅	⋅
⌈	&lceil;	⌈	⌈
⌉	&rceil;	⌉	⌉
⌊	&lfloor;	⌊	⌊
⌋	&rfloor;	⌋	⌋
〈	&lang;	〈	〈
〉	&rang;	〉	〉
◊	&loz;	◊	◊
♠	&spades;	♠	♠
♣	&clubs;	♣	♣
♥	&hearts;	♥	♥
♦	&diams;	♦	♦

Kategori: HTML.

HTML Renk Kodları

Haz 28th, 2010

yazar Zihni.

Henüz yorum yok

HTML name	Hex code R G B	Decimal code R G B
Red colors
IndianRed	`CD 5C 5C`	`205 92 92`
LightCoral	`F0 80 80`	`240 128 128`
Salmon	`FA 80 72`	`250 128 114`
DarkSalmon	`E9 96 7A`	`233 150 122`
LightSalmon	`FF A0 7A`	`255 160 122`
Red	`FF 00 00`	`255 0 0`
Crimson	`DC 14 3C`	`220 20 60`
FireBrick	`B2 22 22`	`178 34 34`
DarkRed	`8B 00 00`	`139 0 0`
Pink colors
Pink	`FF C0 CB`	`255 192 203`
LightPink	`FF B6 C1`	`255 182 193`
HotPink	`FF 69 B4`	`255 105 180`
DeepPink	`FF 14 93`	`255 20 147`
MediumVioletRed	`C7 15 85`	`199 21 133`
PaleVioletRed	`DB 70 93`	`219 112 147`
Orange colors
LightSalmon	`FF A0 7A`	`255 160 122`
Coral	`FF 7F 50`	`255 127 80`
Tomato	`FF 63 47`	`255 99 71`
OrangeRed	`FF 45 00`	`255 69 0`
DarkOrange	`FF 8C 00`	`255 140 0`
Orange	`FF A5 00`	`255 165 0`
Yellow colors
Gold	`FF D7 00`	`255 215 0`
Yellow	`FF FF 00`	`255 255 0`
LightYellow	`FF FF E0`	`255 255 224`
LemonChiffon	`FF FA CD`	`255 250 205`
LightGoldenrodYellow	`FA FA D2`	`250 250 210`
PapayaWhip	`FF EF D5`	`255 239 213`
Moccasin	`FF E4 B5`	`255 228 181`
PeachPuff	`FF DA B9`	`255 218 185`
PaleGoldenrod	`EE E8 AA`	`238 232 170`
Khaki	`F0 E6 8C`	`240 230 140`
DarkKhaki	`BD B7 6B`	`189 183 107`
Purple colors
Lavender	`E6 E6 FA`	`230 230 250`
Thistle	`D8 BF D8`	`216 191 216`
Plum	`DD A0 DD`	`221 160 221`
Violet	`EE 82 EE`	`238 130 238`
Orchid	`DA 70 D6`	`218 112 214`
Fuchsia	`FF 00 FF`	`255 0 255`
Magenta	`FF 00 FF`	`255 0 255`
MediumOrchid	`BA 55 D3`	`186 85 211`
MediumPurple	`93 70 DB`	`147 112 219`
BlueViolet	`8A 2B E2`	`138 43 226`
DarkViolet	`94 00 D3`	`148 0 211`
DarkOrchid	`99 32 CC`	`153 50 204`
DarkMagenta	`8B 00 8B`	`139 0 139`
Purple	`80 00 80`	`128 0 128`
Indigo	`4B 00 82`	`75 0 130`
DarkSlateBlue	`48 3D 8B`	`72 61 139`
SlateBlue	`6A 5A CD`	`106 90 205`
MediumSlateBlue	`7B 68 EE`	`123 104 238`

HTML name	Hex code R G B	Decimal code R G B
Green colors
GreenYellow	`AD FF 2F`	`173 255 47`
Chartreuse	`7F FF 00`	`127 255 0`
LawnGreen	`7C FC 00`	`124 252 0`
Lime	`00 FF 00`	`0 255 0`
LimeGreen	`32 CD 32`	`50 205 50`
PaleGreen	`98 FB 98`	`152 251 152`
LightGreen	`90 EE 90`	`144 238 144`
MediumSpringGreen	`00 FA 9A`	`0 250 154`
SpringGreen	`00 FF 7F`	`0 255 127`
MediumSeaGreen	`3C B3 71`	`60 179 113`
SeaGreen	`2E 8B 57`	`46 139 87`
ForestGreen	`22 8B 22`	`34 139 34`
Green	`00 80 00`	`0 128 0`
DarkGreen	`00 64 00`	`0 100 0`
YellowGreen	`9A CD 32`	`154 205 50`
OliveDrab	`6B 8E 23`	`107 142 35`
Olive	`80 80 00`	`128 128 0`
DarkOliveGreen	`55 6B 2F`	`85 107 47`
MediumAquamarine	`66 CD AA`	`102 205 170`
DarkSeaGreen	`8F BC 8F`	`143 188 143`
LightSeaGreen	`20 B2 AA`	`32 178 170`
DarkCyan	`00 8B 8B`	`0 139 139`
Teal	`00 80 80`	`0 128 128`
Blue/Cyan colors
Aqua	`00 FF FF`	`0 255 255`
Cyan	`00 FF FF`	`0 255 255`
LightCyan	`E0 FF FF`	`224 255 255`
PaleTurquoise	`AF EE EE`	`175 238 238`
Aquamarine	`7F FF D4`	`127 255 212`
Turquoise	`40 E0 D0`	`64 224 208`
MediumTurquoise	`48 D1 CC`	`72 209 204`
DarkTurquoise	`00 CE D1`	`0 206 209`
CadetBlue	`5F 9E A0`	`95 158 160`
SteelBlue	`46 82 B4`	`70 130 180`
LightSteelBlue	`B0 C4 DE`	`176 196 222`
PowderBlue	`B0 E0 E6`	`176 224 230`
LightBlue	`AD D8 E6`	`173 216 230`
SkyBlue	`87 CE EB`	`135 206 235`
LightSkyBlue	`87 CE FA`	`135 206 250`
DeepSkyBlue	`00 BF FF`	`0 191 255`
DodgerBlue	`1E 90 FF`	`30 144 255`
CornflowerBlue	`64 95 ED`	`100 149 237`
RoyalBlue	`41 69 E1`	`65 105 225`
Blue	`00 00 FF`	`0 0 255`
MediumBlue	`00 00 CD`	`0 0 205`
DarkBlue	`00 00 8B`	`0 0 139`
Navy	`00 00 80`	`0 0 128`
MidnightBlue	`19 19 70`	`25 25 112`

HTML name	Hex code R G B	Decimal code R G B
Brown colors
Cornsilk	`FF F8 DC`	`255 248 220`
BlanchedAlmond	`FF EB CD`	`255 235 205`
Bisque	`FF E4 C4`	`255 228 196`
NavajoWhite	`FF DE AD`	`255 222 173`
Wheat	`F5 DE B3`	`245 222 179`
BurlyWood	`DE B8 87`	`222 184 135`
Tan	`D2 B4 8C`	`210 180 140`
RosyBrown	`BC 8F 8F`	`188 143 143`
SandyBrown	`F4 A4 60`	`244 164 96`
Goldenrod	`DA A5 20`	`218 165 32`
DarkGoldenrod	`B8 86 0B`	`184 134 11`
Peru	`CD 85 3F`	`205 133 63`
Chocolate	`D2 69 1E`	`210 105 30`
SaddleBrown	`8B 45 13`	`139 69 19`
Sienna	`A0 52 2D`	`160 82 45`
Brown	`A5 2A 2A`	`165 42 42`
Maroon	`80 00 00`	`128 0 0`
White colors
White	`FF FF FF`	`255 255 255`
Snow	`FF FA FA`	`255 250 250`
Honeydew	`F0 FF F0`	`240 255 240`
MintCream	`F5 FF FA`	`245 255 250`
Azure	`F0 FF FF`	`240 255 255`
AliceBlue	`F0 F8 FF`	`240 248 255`
GhostWhite	`F8 F8 FF`	`248 248 255`
WhiteSmoke	`F5 F5 F5`	`245 245 245`
Seashell	`FF F5 EE`	`255 245 238`
Beige	`F5 F5 DC`	`245 245 220`
OldLace	`FD F5 E6`	`253 245 230`
FloralWhite	`FF FA F0`	`255 250 240`
Ivory	`FF FF F0`	`255 255 240`
AntiqueWhite	`FA EB D7`	`250 235 215`
Linen	`FA F0 E6`	`250 240 230`
LavenderBlush	`FF F0 F5`	`255 240 245`
MistyRose	`FF E4 E1`	`255 228 225`
Gray colors
Gainsboro	`DC DC DC`	`220 220 220`
LightGrey	`D3 D3 D3`	`211 211 211`
Silver	`C0 C0 C0`	`192 192 192`
DarkGray	`A9 A9 A9`	`169 169 169`
Gray	`80 80 80`	`128 128 128`
DimGray	`69 69 69`	`105 105 105`
LightSlateGray	`77 88 99`	`119 136 153`
SlateGray	`70 80 90`	`112 128 144`
DarkSlateGray	`2F 4F 4F`	`47 79 79`
Black	`00 00 00`	`0 0 0`

Kategori: Kategorilenmemiş.

Güvenli PHP Uygulamaları – Formların Güvenliği

Şub 18th, 2009

yazar Zihni.

8 yorumlar

Betiklerimize istemediğimiz yerlerden form verilerinin gönderilmesiyle ortaya çıkar.

Aşağıdaki gibi bir formumuz(form.php) olsun:

<form action="formIsle.php" method="POST">
	<input type="radio" name="medeniHali" value="bekar" checked="checked">
	<input type="radio" name="medeniHali" value="evli">
	<input type="radio" name="medeniHali" value="dul">
	<input type="submit" value="Gönder" />
</form>

Bu formu işleyen sayfamız(formIsle.php) ise aşağıdaki gibi olsun, formdan gelen medeni hali bilgisini yazdırıyor.

<?php
echo $_POST['medeniHali'];       
// Çıktı: bekar
?>

Saldırganın aşağıdaki formu(form.php) kendi bilgisayarından gönderdiğini varsayalım. Formun action özelliğine tam adresi yazıyor.

<form action="http://www.siteadresi.com/formIsle.php" method="POST">
	<input type="text" name="medeniHali" value="yalancı">
	<input type="submit" value="Gönder" />
</form>

Form işleyen(formIsle.php) sayfamız yukarıda gönderilen formu işler.

<?php
echo $_POST['medeniHali'];
// Çıktı: yalancı
?>

Medeni hali, bekar-evli-dul değerlerinden birini alması gerekirken, “yalancı” diye bir değer almıştır.

Bunu önlemek için tek kullanımlık bir şifre oluşturulabilir:

<?php 
$formAnahtar = rand(10000,1000000);
$_SESSION['formAnahtar'] = $formAnahtar;
?>
<form action="http://www.siteadresi.com/formIsle.php" method="POST">
	<input type="radio" name="medeniHali" value="bekar" checked="checked">
	<input type="radio" name="medeniHali" value="evli">
	<input type="radio" name="medeniHali" value="dul">
	<input type="hidden" name="formAnahtar" value="<?php echo $formAnahtar; ?>">
	<input type="submit" value="Gönder" />
</form>

Formu işleyen(formIsle.php) sayfamız:

<?php
 
if($_SESSION['formAnahtar'] == $_POST['formAnahtar'])
	echo $_POST['medeniHali'];
else 
	echo "Bu form başka bir yerden geliyor.";
?>

Kategori: PHP.
Etiketler: güvenlik · rand

Güvenli PHP Uygulamaları – Cross site scripting(XSS)

Şub 13th, 2009

yazar Zihni.

2 yorumlar

Kullanıcının betiklerimize html kodu enjekte etmesiyle ortaya çıkar.
Girdi filtrelenmeden çıktı olarak sunuluyorsa bu saldıya uğranabilir.

Aşağıdaki gibi bir formumuz olsun:

<form id="form1" action="" method="post">
<textarea name="mesaj"></textarea>
<input type="submit" value="gönder" />
</form>

Formdaki mesaj alanına aşağıdaki javascript kodunun enjekte edildiğini varsayalım.

1
2
3

<?php 
<script type="text/javascript">window.location = 'http://www.zihni.net' </script>
?>

Girdiyi filtrelemeden, aşağıdaki şekilde ekrana yazdırırsak, sayfaya giren her kullanıcıyı istediğimiz siteye yönlendiririz.

1
2
3

<?php 
echo $_POST['mesaj'];
?>

Yukardaki kodun zararlı etkilerinden korunmak için girdiyi htmlentities() işleviyle filtrelememiz gerekir.

1
2
3

<?php 
echo htmlentities($_POST['mesaj']);
?>

Kategori: PHP.
Etiketler: güvenlik · htmlentities

ASCII Kod Tablosu– 7 bit

Karakterlerin HTML entitileri

HTML Renk Kodları

Güvenli PHP Uygulamaları – Formların Güvenliği

Güvenli PHP Uygulamaları – Cross site scripting(XSS)

Ara

Son Yazılar

Son Yorumlar

Siteye Giriş

Kategoriler

Bağlantılar

Zihni Kaya

ASCII Kod Tablosu– 7 bit

Karakterlerin HTML entitileri

HTML Renk Kodları

Güvenli PHP Uygulamaları – Formların Güvenliği

Güvenli PHP Uygulamaları – Cross site scripting(XSS)

Ara

Son Yazılar

Son Yorumlar

Etiket Bulutu

Siteye Giriş

Kategoriler

Bağlantılar