php - How can I filter metacharacters from user input in xss attack? -

-

on site on admin login page if this

http://www.domain.com/admin/index.php/%22onclick=document.location="http://www.google.com">

and click somewhere page redirects. read need filter metacharacters, after hours of googling still can't find out how can stop this. above see isn't doing get or post. how can block this?


Comments

Post a Comment

Popular posts from this blog

python - Scipy curvefit RuntimeError:Optimal parameters not found: Number of calls to function has reached maxfev = 1000 -

-
Image
i want make logharitmic fit. keep getting runtime error: optimal parameters not found: number of calls function has reached maxfev = 1000 i use following script. can tell me go wrong? use spyder still beginner. import math import matplotlib mpl scipy.optimize import curve_fit import numpy np #data f1=[735.0,696.0,690.0,683.0,680.0,678.0,679.0,675.0,671.0,669.0,668.0,664.0,664.0] t1=[1,90000.0,178200.0,421200.0,505800.0,592200.0,768600.0,1036800.0,1371600.0,1630800.0,1715400.0,2345400.0,2409012.0] f1n=np.array(f1) t1n=np.array(t1) plt.plot(t1,f1,'ro',label="original data") # curvefit def func(t,a,b): return a+b*np.log(t) t=np.linspace(0,3600*24*28,13) popt, pcov = curve_fit(func, t, f1n, maxfev=1000) plt.plot(t, func(t, *popt), label="fitted curve") plt.legend(loc='upper left') plt.show() your original data t1 , f1 . therefore curve_fit should given t1 second argument, not t . popt, pcov = curve_fit(func,...
Read more

java - where to store the user credentials in an enterprise application(EAI)? -

-
Image
background/context we developing event notification service . application @ high level looks below: our developene scope involves widget , ens. " ens " acts central point of collection types of events of interest users. user wants know when these types of events occur registers ens, identifies events in order , matches notifications subscriptions. the user wants subscibe should valid user of intergrated application(db, sap system etc) the sequence of events: now question is: what best pracitces in storing users db, sap etc credentials. edit how should user authenticated? should everytime messages delivered?(as @duffymo mentioned, if use strategy, affect source system) additional info: ens web-services. ens polls sap(and other applications) , problem becoming more complex. in sap there data-level authorization. not users allowed see events/data. if sap has pushed data, along user info has authorized see, no issues @ all. case 1: scheduler init...
Read more

openxml - Programmatically format a date in an excel sheet using Office Open Xml SDK -

-
i'm building excel xlsx spreadsheet using office open xml sdk. can add dates sheet converting them "ao" date representation , setting cell value number. can't, however, figure out how add dd-mm-yy formatting cell. i've seen lot of complicated examples have create stylesheet scratch, add format , reference format, figure there must easier way. i'm creating sheet template, , excel has builtin formats/styles. imo should able load stylesheet excel file i'm using template , apply format. can't figure out how though. if you're creating xlsx scratch can't avoid creating style sheet. minimally need style sheet , cell format element. cell format element can reference built-in date format in case can avoid custom number format, if want date format isn't built-in need number format element too. if you're creating xlsx template xlsx, can reference cell format that's defined, can sensitive since references based on index, sa...
Read more