Backend Development

How to prevent form hijacking in PHP?

Submitted by greatlogix, , Thread ID: 18592

Thread Closed

RE: How to prevent form hijacking in PHP?

This post was last modified: 05-08-2017, 02:45 AM by dev
#10
Sanitize inputs by using the trim($string) function to strip leading and trailing whitespace and the html_special_chars($string) function to escape HTML special characters by converting to HTML entities.
PHP Code:
$input html_special_chars(trim($_POST['input'])); 
And,properly escape the string using mysql_real_escape_string before substituting into your SQL query.

Users browsing this thread: 1 Guest(s)