
htmlentities


sepoto


I am currently reading the title "Essential PHP Security". I see one of the topics is concerning the use of "htmlentities()". I have looked up the function's man page on php.net and I do understand what it is doing; however, I don't yet fully understand how the use of "htmlentities()" is supposed to make my application more secure. Could someone explain this a bit? Thanks! :good:


That only applies if people are submitting text that you are displaying on your site. If you let them submit whatever they want and you display it, then they can submit HTML or JavaScript code that would be added to your site, which is one way to attack your users.

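An added example, not part of the original thread, showing the difference the answer above describes: the same submitted text rendered with and without `htmlentities()`. The function names `render_unsafe`, `render_safe` and `e` are hypothetical, and the input values are constructed samples.

```php
<?php
// Constructed sample input: text a visitor might submit through a comment form.
$name    = 'Bob" onmouseover="alert(1)';
$comment = '<script>alert("hi")</script> Nice post!';

// No escaping: the submitted text is concatenated straight into the page,
// so the browser parses it as markup and script belonging to your site.
function render_unsafe(string $name, string $comment): string
{
    return '<p title="' . $name . '">' . $comment . '</p>';
}

// Escape at output time. ENT_QUOTES also converts single and double quotes,
// which matters when the value lands inside an HTML attribute; the explicit
// charset keeps the conversion consistent with the page encoding.
function e(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Same template, but every piece of user-supplied text goes through e(),
// so the browser displays it as literal characters instead of executing it.
function render_safe(string $name, string $comment): string
{
    return '<p title="' . e($name) . '">' . e($comment) . '</p>';
}

echo "Unescaped:\n", render_unsafe($name, $comment), "\n\n";
echo "Escaped:\n", render_safe($name, $comment), "\n";
```

In the escaped output the `<`, `>` and `"` characters appear as `&lt;`, `&gt;` and `&quot;`, so the submitted text can neither open a tag nor close the `title` attribute. This covers HTML body and quoted-attribute contexts only; values placed inside `<script>` blocks or URLs need escaping appropriate to those contexts.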
