SitePoint Sponsor

User Tag List

Results 1 to 3 of 3
  1. #1
    SitePoint Evangelist
    Join Date
    Apr 2009
    Location
    South Carolina
    Posts
    458
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    form protection for google maps

    I have a form that will allow the client to add a Google Maps link code. I may change this to an embedded map.

    Right now, I check all entries in the form to try to avoid code injection. What should I check to allow on a Google map? I am currently using preg_match on my other entries, but so far, I have not found the right combination to eliminate the bad entries and still allow Google Maps links to be added.

    Where can I find something that will work, or is there a better solution?
    Each day is a learning experience.

  2. #2
    rajug.replace('Raju Gautam'); bronze trophy Raju Gautam's Avatar
    Join Date
    Oct 2006
    Location
    Kathmandu, Nepal
    Posts
    4,013
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I presume that the article will be added by your client as a trusted user (administrator of the site) not a site visitor user. What I would do is, add a certain key with some parameters i.e. #GOOGLE_MAP:lag=x,lng=x,radius=x# and replace it dynamically while loading. This way you don't have to worry about filtration of malicious codes.
    Mistakes are proof that you are trying.....
    ------------------------------------------------------------------------
    PSD to HTML - SlicingArt.com | Personal Blog | ZCE - PHP 5

  3. #3
    SitePoint Evangelist
    Join Date
    Apr 2009
    Location
    South Carolina
    Posts
    458
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes, I have the form available only to someone with the role of administrator.

    The idea was that they could copy the code from a Google map and paste that code into the form. I feel that should be safe, but wanted to be sure there was nothing malicious inserted.
    Each day is a learning experience.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •