...e GET /../../blahblah http/1.1 is issued and the server walks above the website root and into system file land, serving files that can be used to compromise or remotely attack the system, like a password file. – Lawrence Dol Sep 17 '10 at 4:51 ...

... You may do it by using following code: var url = "www.site.com/index.php#hello"; var hash = url.substring(url.indexOf('#')+1); alert(hash); SEE DEMO share | improve this answe...

...======== // // =================================================== // //If site uses HTTPS: $HTTP_or_HTTPS = ((!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS']!=='off') || $_SERVER['SERVER_PORT']==443) ? 'https://':'http://' ); //in some cases, you need to add this condition too: if...

... Site-wide random salt is bad, since an attacker can precompute rainbow tables and grab your entire user database. If you don't understand this, please don't write login/security systems :) - you NEED per-user salts. ...

...the test implemented by the provided function." Implementing the exact opposite on a global seems pretty silly, doesn't it? – pyrotechnick Aug 30 '11 at 6:58 8 ...

... was running API 21 and when I used the API 19 implementation shown on the site you linked, it finally worked. – Milos Ivanovic May 31 '15 at 15:03 2 ...

... How do I get the user IP? – sites Apr 27 '13 at 21:40 @juanpastas you don't. you just ping a ...

...sizes for inputs and the like. It's just not how folks build pixel perfect sites. That's a bit all over and hopefully coherent enough. I'll try to blog about these changes as they come up more, but I'm unsure how close 3.0 is and what that will all entail yet. I would suggest anyone with strong fee...

... Just recently I spent a lot of time debugging why this didn't work on a site in Ubuntu Apache 2.4.7. Rewrite debugging showed the rule being hit and generating an INTERNAL REDIRECT. Then it seemed to just park that and look for an index page. Turns out that if mod_dir is enabled AND there is an i...

... A website shouldn't be able to know a user's history which could include indirect personal information. A site can use tracking/cookies to know what the user is doing on the site itself but they shouldn't, for example, be allowed ...