• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Form validation

#3
(03-06-2017, 10:43 AM)Narf Wrote: Apply xss_clean() on output, not before you store it.

Hi Narf , Thanks for replying , i just want to make sure i understand correctly . here is the situation : 
if i do it this way 
$this->form_validation->set_rules('first_name', 'First Name', 'required'); 

if someone put <script> , required will be ok , 
then if i apply the xss clean after that or let's say i move the post data to a variable and apply xss clean on it 
the variable will become empty since xss clean will remove the <script> and required will never detect again
Reply


Messages In This Thread
Form validation - by jay101 - 03-06-2017, 10:34 AM
RE: Form validation - by Narf - 03-06-2017, 10:43 AM
RE: Form validation - by jay101 - 03-06-2017, 12:11 PM

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.