Backend Development

Protection of PHP sites - processing of incoming data

Submitted by 0-Day, 01-03-2016, 03:34 PM, Thread ID: 18949

Thread Closed

03-03-2016, 04:24 AM

Dumb advice. Don't tell people to use deprecated functions.

Avoiding 1st order SQLi: http://pastebin.com/zbk1A7e8 (Sucuri blocks it)

Avoiding XSS:

Code:
function escape($string = '')
 {
     return htmlspecialchars($string, ENT_QUOTE, 'UTF-8');
 }

Users browsing this thread: 1 Guest(s)