Welcome to the Treehouse Community
Want to collaborate on code errors? Have bugs you need feedback on? Looking for an extra set of eyes on your latest project? Get support with fellow developers, designers, and programmers of all backgrounds and skill levels here with the Treehouse Community! While you're at it, check out some resources Treehouse students have shared here.
Looking to learn something new?
Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and join thousands of Treehouse students and alumni in the community today.
Start your free trial
Jeff Hoffman
6,196 PointsQuestion on Site Security
I just finished the section on Escaping Output for PHP. It is really interesting how someone could alter a site's appearance by entering code into a submission form. However, I don't get how it is possible to alter the site, so that someone else sees something else different. If the files are being served to each individual computer from one root computer server, I would think the only way to alter what someone else sees is to change the original text editor files. Can someone explain?
6 Answers
Michael Hulet
47,913 PointsIt is definitely possible to do that, especially if you send malicious JavaScript inside a <script> tag, or better yet, malicious PHP that would get executed before the page is returned
Nathalie C
2,594 PointsCan I ask for a link to this section, I would be interested in seeing it. Thanks!
Jeff Hoffman
6,196 PointsI am not sure what you mean. A link to what?
Nathalie C
2,594 PointsYou mention finishing a section on Escaping Output for PHP - what course is that from on this site?
Jeff Hoffman
6,196 PointsThe course is called Enhancing a Simple PHP Application. The section is the first of eight, and it is titled Integrating Validation Errors.
Nathalie C
2,594 PointsThanks Jeff much appreciated