eyexro (Posted January 17, 2012): If you have a site built with HTML + CSS and PHP, what needs to be done so that it is not vulnerable to XSS?
aelius (Posted January 17, 2012): htmlentities — Convert all applicable characters to HTML entities
BogdanNBV (Posted January 17, 2012): Filter everything the user inputs... htmlentities(); should be enough for you...
Robert1995 (Posted January 17, 2012): Pull this in via include on all your pages: https://rstcenter.com/forum/46445-post-sanitize.rst#post309514 Edit: if you also want to handle SQLi, add a mysql_real_escape_string as well, and also put in a trim so the tabs disappear.
eyexro (Author, Posted January 17, 2012): Thank you all! @Robert .. is this it? PHP: mysql_real_escape_string - Manual ?
qbert (Posted January 17, 2012): Possibly also add an ,ENT_QUOTES; and if you want anti SQL injection, mysql_real_escape_string is OK, but if you want something more hardcore, go with PDO.
Robert1995 (Posted January 17, 2012), quoting eyexro: "Thank you all! @Robert .. is this it? PHP: mysql_real_escape_string - Manual ?" That's the one.
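
The advice in this thread, htmlentities with ENT_QUOTES for output and PDO in place of mysql_real_escape_string for queries, as an added example that is not part of the original posts. The helper names e() and find_user(), the users table and the sample strings are assumptions constructed for illustration; the in-memory SQLite database needs the pdo_sqlite extension.

```php
<?php
// Added example: output encoding against XSS, bound parameters against SQLi.
// e(), find_user() and the users table are hypothetical names.

// Encode untrusted text for an HTML body or a quoted attribute value.
// ENT_QUOTES encodes both " and ', so the value cannot close the attribute.
function e(string $value): string
{
    return htmlentities($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Look a user up with a bound parameter; the input is never spliced into SQL.
function find_user(PDO $db, string $name): array
{
    $stmt = $db->prepare('SELECT id, name FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample input containing markup and both quote styles.
$input = "<b>O'Neil</b> \"quoted\"";

// With ENT_COMPAT the single quote passes through unchanged, which matters
// inside a single-quoted attribute such as value='...'.
$compat = htmlentities($input, ENT_COMPAT, 'UTF-8');
$quotes = e($input);
echo "ENT_COMPAT: $compat\n";
echo "ENT_QUOTES: $quotes\n";

// In-memory SQLite database so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob')");

// A constructed value that would alter a string-concatenated query is
// treated as plain data when bound, so it is compared as a literal name.
$rows_tainted = find_user($db, "alice' OR '1'='1");
$rows_plain = find_user($db, 'alice');
echo 'tainted lookup rows: ' . count($rows_tainted) . "\n";
echo 'plain lookup rows: ' . count($rows_plain) . "\n";

// Encode at output time, in the page that renders the value.
foreach ($rows_plain as $row) {
    echo '<input type="text" value="' . e($row['name']) . '">' . "\n";
}
```

Encoding belongs at the point where a value is written into HTML, while parameter binding belongs at the point where it reaches the database; neither substitutes for the other.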