The link doesn't validate

I added a link on my site to a thread in my forum, but the link won't validate. Here it is:



How do I get around this? I thought about using a js-can I have it open in the same window instead of a pop up? What would be the best way to do this?

Replace & with &, or else the validator will find non-existent entities (and so might Web browsers!) The validator explains this when returning output.

Not 100% sure, but, I don't think you should be exposing a SID like this.


//I looked into this a little further, and there is a huge security risk in revealing a SID like this. Possibly, someone could log on to your board, as you, and do a heck of alot of damage, including changing YOUR passwords.

I wish I could explain this more, but it's not my area of expertise.

Anyway, I removed the SID portion of the URL from your post, just in case.

Wow Thx DM. So, is there a way to take someone to that thread without exposing anything dangerous?

I think this should work:

http://www.jeremy-lang.com/phpBB2/viewtopic.php?t=16

I hope someone with more knowledge than myself can do a little more explaining. *hint hint

it does! Thx

I hate to go off topic but the SID in phpBB is part of the session security. the phpBB group has worked around this somewhat by adding cookies and comparing refering IP's to the SID. There are exploits that can be taken advantage of, but there are also steps that can be taken to diminish the exposure to them.

The bottom line is that when posting links to other phpBB threads here or elsewhere, remove the SID portion of the link and it will work just fine. More information can be found by an OZZU search or a search at the phpBB forums.

Pardon, but what is the SID?

SID = Session ID -- it's an encrypted ID assigned to a member when they log in. Anonymous guests have one, too, but for members authentication, it is compared against their IP based on the set cookie. The two need to match up to maintain a login.