Comments on: More About IFrame Injections http://www.memwg.com/more-about-iframe-injections/ Eric Giguere's AdSense Tips Mon, 02 Jan 2012 15:55:31 +0000 hourly 1 http://wordpress.org/?v=3.3 By: Johnny http://www.memwg.com/more-about-iframe-injections/comment-page-1/#comment-5100 Johnny Tue, 03 Jun 2008 15:33:33 +0000 http://www.memwg.com/?p=1368#comment-5100 Eric, THANK YOU for the additional security info. But, one more thing... How do you prevent it from happening in the first place? Do you just validate your incoming (form?) data by (1)parsing strings for evil commands and (2)checking to make sure that data comes from your site and not a fake page set up by a hacker? (There must be a PHP environment variable that can tell you what page a form's data was submitted from, right?) Or are hackers somehow just exploiting WordPress security holes? Regards, Johnny Eric,

THANK YOU for the additional security info.

But, one more thing…

How do you prevent it from happening in the first place?

Do you just validate your incoming (form?) data by (1)parsing strings for evil commands and (2)checking to make sure that data comes from your site and not a fake page set up by a hacker? (There must be a PHP environment variable that can tell you what page a form’s data was submitted from, right?)

Or are hackers somehow just exploiting WordPress security holes?

Regards,
Johnny

]]>