-
Thanks for the reply, djr33. So is the code as I have it now safe or do I have to change something about it. I mean, I get what you just explained, but I do not think that I can apply it yet to my own code.
What I have now is
Code:
<?php
@extract($_POST);
$quickarchive_date = stripslashes($quickarchive_date);
$quickarchive_categories = stripslashes($quickarchive_categories);
if ( $quickarchive_categories == "C" && $quickarchive_date == "#" ) {
$url = "http://www.mysite.com/weblog/archive_2/";
} elseif ( $quickarchive_categories != "C" && $quickarchive_date == "#" ) {
$url = "http://www.mysite.com/weblog/archive_2/".$quickarchive_categories."/" ;
} else {
$url = "http://www.mysite.com/weblog/archive_2/".$quickarchive_categories."/".$quickarchive_date ;
}
header("HTTP/1.1 301 Moved Permanently");
header("Location: $url");
exit;
?>
-
What are you using from the post data?
Remove @extract(... and replace any references to these newly created variables with $_POST['thatname'] instead.
That's about it.
In that case, it seems safe enough, probably.
