terryds Posted February 18, 2015 Share Posted February 18, 2015 What's the best way to sanitize user input ? Is htmlspecialchars() enough ? Or, filter_var() is better? In sanitizing string to avoid XSS, which one performs better, htmlspecialchars() or filter_var() ?? Link to comment Share on other sites More sharing options...
justsomeguy Posted February 18, 2015 Share Posted February 18, 2015 There's one article that discusses XSS prevention here:http://www.sitepoint.com/php-security-cross-site-scripting-attacks-xss/And a more thorough discussion here:https://www.owasp.org/index.php/XSS_(Cross_Site_Scripting)_Prevention_Cheat_Sheet Link to comment Share on other sites More sharing options...
sandeepm Posted March 6, 2015 Share Posted March 6, 2015 if we are using sanitize we are facing some problems, is there any alternate for this Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now