Yes, there could be an issue. $address could contain an XSS attack. Validate $address to be greater than the required length.
Another potential attack would be a lot of processing server side. While that is very unlikely it is not unthinkable.
Thanks for pointing out. I think the following code may validate the address size...
function validateAddress($address){
$validated = false;
if(strlen($address) > 25 && strlen($address) < 35){
$addressURL = "https://blockchain.info/q/addressbalance/".$address;
$addressBalance = file_get_contents($addressURL);
$validated = is_int($addressBalance);
}
return $validated;
}
Would work most times, but you should insert a code snippet which checks if blockchain.info returns any good result, otherwise you might find yourself having false negatives when blockchain.info is down or asking your PHP script for a captcha. (Sometimes CloudFlare locks out your PHP script)
Yep... the uptime of blockchain.info is now a problem. Do u know any API to check blockchain.info status ? I think simple ping check or HTTP header checking wont work as they are behind cloudflare.