Update XSS_level4.php

ofsenyayla · web-flow · commit 2d95f44e198d · 2018-12-09T01:57:34.000+03:00
diff --git a/XSS/XSS_level4.php b/XSS/XSS_level4.php
@@ -20,6 +20,7 @@
     $values = array("script", "prompt", "alert", "h1");
 
  	$user = str_replace($values, " ",$_GET["username"]);
+	$user = preg_replace("/<(.*)[S,s](.*)[C,c](.*)[R,r](.*)[I,i](.*)[P,p](.*)[T,t]>/i", "", $_GET["username"]);
 	echo "$user";
 }
 

Original file line number	Diff line number	Diff line change
`@@ -20,6 +20,7 @@`
`20`	`20`	`$values = array("script", "prompt", "alert", "h1");`
`21`	`21`
`22`	`22`	`$user = str_replace($values, " ",$_GET["username"]);`
	`23`	`+ $user = preg_replace("/<(.)[S,s](.)[C,c](.)[R,r](.)[I,i](.)[P,p](.)[T,t]>/i", "", $_GET["username"]);`
`23`	`24`	`echo "$user";`
`24`	`25`	`}`
`25`	`26`