Time Stamp Security

Regular Joined: Aug 06, 2008 Posts: 65

Hi, thanks for your time!

I understand SOME about securing info given from the sql (intval, stripslashes, check_html, etc..) But I need advice / help about this.

I am wondering about the following chunk of code I am using, related to the news articles. It doesnt have any of the above security functions. Is it secure enough to use on my site? If not, how would I secure it? Thanks!

Code:

$time = $myrow['time'];


formatTimestamp($time);


setlocale(LC_TIME, $locale);


ereg ("([0-9]{4})-([0-9]{1,2})-([0-9]{1,2}) ([0-9]{1,2}):([0-9]{1,2}):([0-9]{1,2})", $time, $datetime2);


$datetime2 = strftime(""._DATESTRING2."", mktime($datetime2[4],$datetime2[5],$datetime2[6],$datetime2[2],$datetime2[3],$datetime2[1]));


$datetime2 = ucfirst($datetime2);





echo 'Published on ' .$datetime2. '';

Also, if someone could help me secure the following time code:

Code:

$date = date("F j, Y, g:i a");

and ip collector code:

Code:

 $ip = $_SERVER['REMOTE_ADDR'];

Thanks again.

Posted: Mon Feb 02, 2009 11:32 am

There is nothing there to secure.

Posted: Mon Feb 02, 2009 12:47 pm

Hi, That's good to hear. Thanks!

registered · Posted: Mon Feb 02, 2009 7:39 pm

Assuming the initial entry wasn't already injected with some bad code

Code:




$myrow['time']

I don't think there is anything to worry about. Even if it is, it is likely that your datetime code would give you a warning of an invalid parameter - not security issue.