I use MySQL to store most of the html for my pages. I then use php to gather the html from the data base and display it. I've noticed attacks on the site lately though. Normally you go to my site and the addresses are like: www.mysite.com/?page=somepage
The script loads the data and displays it. I'm getting hit sometimes as much as 50 times a day with people entering urls like: http://www.mysite.com/?page=http://w...t/asc/xpl/asc?
Because I'd never load executable code this way or have it include a file this way the only thing that happens is that my site displays a blank page. What I'm trying to do is undertand this attempted exploit. Does any one know what's going on here?
How come you're storing the HTML in SQL? Can you not base your website on templates, then just place data from the SQL into the templates, then you can simply identify the pages with something like www.mysite.com/?pid=34 a lot of websites that have interchangable content do this, news sites in particular - it's a pretty easy and good way to content manage.
Plus you could MD5 or BASE encode the data, making it harder for people to "hack" the site.
I didn't really understand what you were saying though :P
__________________ A lie gets halfway around the world before the truth has a chance to get its pants on. - Sir Winston Churchill
Please visit my sites: Please login or register to view this content. Registration is FREE | Please login or register to view this content. Registration is FREE
I do it that was so that I can have additional formatting for the page specific content. It works exactly as I wanted and I don't have to do any formatting for on the template.
