Jump to content

htmlentities


Recommended Posts

I am currently reading the title "Essential PHP Security". I see one of the topics is concerning the use of "htmlentities()". I have looked up the functions man page on php.net and I do understand what it is doing however I don't yet fully understand how the use of "htmlentities()" is supposed to make my application more secure. Could someone explain this a bit? Thanks! :good:

Link to post
Share on other sites

That only applies if people are submitting text that you are displaying on your site. If you let them submit whatever they want and you display it then they can submit HTML or Javascript code that would be added to your site, which is one way to attack your users.

  • Like 1
Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
×
×
  • Create New...