| filter input - escape output |
In theory I completely understand what is being said here and how we should not manipulate the data that is saved in the database (hence why xss_clean has been depreciated from the form validation); however can someone please explain it in the below example:
We have a login page with: email: _________ password: _________ How do I make sure that that XSS attach does not happen here? In other words how do I escape the output? or what should I do in terms of filtering the input? |
| Messages In This Thread |
|
filter input - escape output - by edoramedia - 05-22-2016, 01:05 AM
RE: filter input - escape output - by kenjis - 05-22-2016, 02:01 AM
RE: filter input - escape output - by edoramedia - 05-22-2016, 02:11 AM
RE: filter input - escape output - by kenjis - 05-22-2016, 02:36 AM
RE: filter input - escape output - by ivantcholakov - 05-22-2016, 07:29 AM
RE: filter input - escape output - by cartalot - 05-22-2016, 12:21 PM
|
