PDA

View Full Version : ANTI Cross Site Scripting attacks



michael_s
07-19-2008, 03:13 PM
I take no credit for this contribution, this is based upon the anti-xss contribution by "pixclinic" with extra sql injection protection I found elsewhere on the web.

All I have added is the extra code and logging capability.

This will basically send any hacker to log.php which will display a message that his/her IP has been logged - this is stored in a file called iplog.txt in catalog root.


3 Easy Steps.


After install head off to http://www.ncircle.com/index.php?s=products_pci-compliance#freescan to get your free pci compliance scan!

To be even safer also consider installing FWR Media's Security Pro Contribution from http://addons.oscommerce.com/info/5752




More... (http://addons.oscommerce.com/info/6044)