Protection of PHP sites - processing of incoming data
Submitted by 0-Day, 01-03-2016, 03:34 PM, Thread ID: 18949

RE: Protection of PHP sites - processing of incoming data
03-03-2016, 04:24 AM #7

Dumb advice. Don't tell people to use deprecated functions.

Avoiding 1st order SQLi: http://pastebin.com/zbk1A7e8 (Sucuri blocks it)

Avoiding XSS:
Code:
// Escape a value for HTML output; ENT_QUOTES converts both " and '.
function escape($string = '') {
    return htmlspecialchars($string, ENT_QUOTES, 'UTF-8');
}
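
What the ENT_QUOTES flag in the reply's escape() changes, as an added example that is not part of the original post. The check() helper, the sample values and the extra ENT_SUBSTITUTE flag are assumptions of this example.

```php
<?php
declare(strict_types=1);

// Output-escaping helper modelled on the post's escape(). ENT_SUBSTITUTE is an
// addition of this example: invalid UTF-8 becomes U+FFFD instead of ''.
function escape(string $string = ''): string
{
    return htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper for this example: fail loudly if a check does not hold.
function check(bool $ok, string $what): void
{
    if (!$ok) {
        throw new RuntimeException("check failed: $what");
    }
    echo "ok: $what\n";
}

// Constructed sample value with both quote styles and markup characters.
$name = "O'Reilly <b>\"admin\"</b> & co";

// ENT_COMPAT was the default before PHP 8.1; it leaves ' unescaped, so the
// value could close a single-quoted attribute.
$compat = htmlspecialchars($name, ENT_COMPAT, 'UTF-8');
check(strpos($compat, "'") !== false, 'ENT_COMPAT keeps the single quote');

$safe = escape($name);
check(strpos($safe, "'") === false, 'ENT_QUOTES encodes the single quote');
check(strpos($safe, '<') === false && strpos($safe, '"') === false,
    'markup characters and double quotes are encoded');

// The escaped value is safe in a single-quoted attribute and in element content.
echo "<input type='text' name='user' value='" . $safe . "'>\n";
echo "<p>Hello, " . $safe . "</p>\n";

// Constructed invalid UTF-8 (a lone Latin-1 byte). Without ENT_SUBSTITUTE the
// whole string is silently dropped.
$bad = "caf\xE9";
check(htmlspecialchars($bad, ENT_QUOTES, 'UTF-8') === '', 'invalid UTF-8 yields an empty string');
check(escape($bad) === "caf\u{FFFD}", 'ENT_SUBSTITUTE keeps the valid part');
```

This escaping covers element content and quoted attribute values only; values placed in URLs, inline scripts or unquoted attributes need encoding specific to those contexts.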