Hello,
I didn't mean to "attack" you so sorry if you got me wrong
I think that your program is reporting this one false positive because the ads here are not hardcoded - an iframe is used to display the ads to allow a better rotation.
This results in a false positive since the ads are called from another domain name (in this case one of my domains where the script is hosted)
Example code for such a false positive (actually the script that I use)
Code:
<?php
// loads the file that contain the ad codes aka image / url tags
$adfile = "adfilename.txt";
$ads = array();
// one line per ad
$fh = fopen($adfile, "r");
while(!feof($fh)) {
$line = fgets($fh, 10240);
$line = trim($line);
if($line != "") {
$ads[] = $line;
}
}
// randomly pick an ad
$num = count($ads);
$idx = rand(0, $num-1);
echo $ads[$idx];
?>
The script above opens the adfilename.txt which contains the actual ads
Example for the adfile:
Code:
<a href="http://urlhere.com" target="_newad1"><img src="http://www.theimage.com/someimage1.gif">
<a href="http://urlhere.com" target="_newad2"><img src="http://www.theimage.com/someimage2.gif">
<a href="http://urlhere.com" target="_newad3"><img src="http://www.theimage.com/someimage3.gif">
The false positive is reported because the file that shows the ad is php code and not an image meaning it is not really a "Web Bug" like 1 x 1 pixels which are designed to get a users personal information.
So in this case (klboard) that's the reason for your "alert" but then again you will get this false positive on many sites which use an adserver or scripts to display random ads.
Hope this helps you
Bookmarks