Gossamer Forum
Home : Products : Gossamer Links : Development, Plugins and Globals :

[ Feature request ] Search logging - only allow certain charachters

Quote Reply
[ Feature request ] Search logging - only allow certain charachters
Hi,

One thing thats really annoyed me recently, is people trying to do SQL injection and other JS codes into the search queries. This is fine for the search itself, but when you have "search logging" enabled, it stores stuff like:

Code:
<script>alert("TEST")</script>

Can we not have some regex in place to ONLY log valid queries? Something like:

Code:
^[a-z0-9 _\-\.,@]+$

I've added this into a job I'm currently doing, but would be nice it it was part of the standard script :)

Cheers

Andy (mod)
andy@ultranerds.co.uk
Want to give me something back for my help? Please see my Amazon Wish List
GLinks ULTRA Package | GLinks ULTRA Package PRO
Links SQL Plugins | Website Design and SEO | UltraNerds | ULTRAGLobals Plugin | Pre-Made Template Sets | FREE GLinks Plugins!
Subject Author Views Date
Thread [ Feature request ] Search logging - only allow certain charachters Andy 4781 Jan 8, 2012, 5:22 AM
Thread Re: [Andy] [ Feature request ] Search logging - only allow certain charachters
Andy 4669 Jan 8, 2012, 5:24 AM
Thread Re: [Andy] [ Feature request ] Search logging - only allow certain charachters
DeadMan 4605 Jan 30, 2012, 10:14 AM
Thread Re: [DeadMan] [ Feature request ] Search logging - only allow certain charachters
Andy 4616 Jan 30, 2012, 10:16 AM
Thread Re: [Andy] [ Feature request ] Search logging - only allow certain charachters
DeadMan 4589 Jan 30, 2012, 11:17 AM
Post Re: [DeadMan] [ Feature request ] Search logging - only allow certain charachters
Andy 4596 Jan 30, 2012, 11:20 AM