Codeigniter Sanitisation Practices

(This post was last modified: 08-02-2018, 09:23 AM by jreklund.)

I'm escaping it with Smarty instead, as html_escape is just an alias for htmlspecialchars.

Inside href tags I use:

For everything else (except src, those need strict XSS protection):

New lines to <br>:

You should use input validation too, so that you filter for just a-Z or what you need and don't accept <script>.
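
The cases the post lists (href values, other HTML output, new lines to `<br>`, and input validation), as an added example in plain PHP. It is not the poster's Smarty template code and not CodeIgniter's own code; the function names, the http/https allow-list and the 32-character limit are assumptions made for illustration.

```php
<?php
// Added example: helper names are hypothetical, not CodeIgniter or Smarty API.

// HTML text and quoted attribute values: the call that html_escape() wraps.
function esc_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// href values: entity escaping does not neutralise a javascript: URL,
// so the scheme is allow-listed before the value is escaped.
function esc_href(string $url): string
{
    $url = trim($url);
    // Browsers drop embedded tabs/newlines in URLs, so refuse them outright.
    if ($url === '' || preg_match('/[\x00-\x20\x7f]/', $url)) {
        return '#';
    }
    $scheme = parse_url($url, PHP_URL_SCHEME);
    $isWeb = is_string($scheme)
        && in_array(strtolower($scheme), ['http', 'https'], true);
    // Site-local path: one leading slash, not "//host" or "/\host".
    $isLocal = $scheme === null && preg_match('#^/(?![/\\\\])#', $url) === 1;
    return ($isWeb || $isLocal) ? esc_html($url) : '#';
}

// New lines to <br>: escape first, then convert, so the <br> tags survive
// and any markup in the input does not.
function esc_multiline(string $s): string
{
    return nl2br(esc_html($s));
}

// Input validation: accept only the characters the field needs (letters here).
function is_valid_name(string $s): bool
{
    return preg_match('/\A[A-Za-z]{1,32}\z/', $s) === 1;
}

// Constructed sample input, not taken from the thread.
$comment = "Hi <script>alert(1)</script>\nsecond line";
$link    = "javascript:alert(1)";

echo '<p>' . esc_multiline($comment) . "</p>\n";
echo '<a href="' . esc_href($link) . '">profile</a>' . "\n";
echo '<a href="' . esc_href('https://example.com/?a=1&b=2') . '">ok</a>' . "\n";
var_dump(is_valid_name('Alice'), is_valid_name('<script>'));
```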
