Welcome Guest, Not a member yet? Register   Sign In
get and post filtering for xss, sql injection
#1

I'm new to codeigniter can you give me some tips on get and post filtering for xss, sql injection and etc..
Reply
#2

xaa is built into CodeIgniter both versions you just need to turn it on see the Users Guide.
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
#3

(05-16-2021, 03:37 PM)InsiteFX Wrote: xaa is built into CodeIgniter both versions you just need to turn it on see the Users Guide.
 Ok thx, sql injection?
Reply
#4

Well, if you need to add sth, you can use some classical php functions such as strip_tags  and  preg_replace :

PHP Code:
$name_from_input strip_tags($this->request->getVar('user_name'));
      
$name_to_db 
preg_replace("/[\'\")(;|`,<>]/"""$name_from_input);

$data = [
 
'user_name' => $name_to_db
]; 
Reply
#5

@Secux,

Here is helpful documentation for queries https://codeigniter.com/user_guide/datab...ng-queries
Reply
#6

I read somewhere that if I use the query module it also protects against injections. is this true?
Reply




Theme © iAndrew 2016 - Forum software by © MyBB