Re: sanitizing get vars

set_magic_quotes_runtime( 0 );

This is for the database, not for showing data in the browser. For the browser you need to kill all unknown tags and all unknown properties of known tags. Afterwards, you need to prepend http:// to any URLs that have unknown protocols. Alternatively, you can make sure that data displayed to a user is submitted by the same user.

Example of the former method:

http://token.by.ru/ksscripts/htmlparser6.txt

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
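
The filtering described in the message, as an added example; it is not part of the original post and not the code at the linked URL. It uses PHP's DOM extension, and the tag list, dropped-element list and scheme list are assumptions chosen for illustration.

```php
<?php // Added example; the three lists below are illustrative assumptions.
const ALLOWED = ['a' => ['href'], 'b' => [], 'i' => [], 'p' => [], 'br' => [], 'li' => []];
const DROP = ['script', 'style', 'iframe', 'object', 'embed']; // removed with content
const SCHEMES = ['http', 'https', 'mailto'];

function fix_url(string $url): string
{
    // Browsers ignore whitespace/control bytes in a URL scheme, so strip them first.
    $url = preg_replace('/[\x00-\x20]+/', '', $url);
    $ok = preg_match('/^([a-z][a-z0-9+.-]*):/i', $url, $m)
        && in_array(strtolower($m[1]), SCHEMES, true);
    return $ok ? $url : 'http://' . $url; // unknown or missing scheme
}

function clean_node(DOMNode $node): void
{
    foreach (iterator_to_array($node->childNodes) as $child) {
        if ($child instanceof DOMText) { continue; } // escaped again by saveHTML()
        $tag = strtolower($child->nodeName);
        if (!$child instanceof DOMElement || in_array($tag, DROP, true)) {
            $node->removeChild($child); // comments, PIs, script-like elements
            continue;
        }
        clean_node($child);
        if (!array_key_exists($tag, ALLOWED)) { // unknown tag: keep its children only
            while ($child->firstChild) { $node->insertBefore($child->firstChild, $child); }
            $node->removeChild($child);
            continue;
        }
        foreach (iterator_to_array($child->attributes) as $attr) {
            if (!in_array($attr->name, ALLOWED[$tag], true)) {
                $child->removeAttributeNode($attr); // unknown property of a known tag
            } elseif ($attr->name === 'href') {
                $child->setAttribute('href', fix_url($attr->value));
            }
        }
    }
}

function sanitize_html(string $html): string
{
    libxml_use_internal_errors(true); // collect parse warnings instead of emitting them
    $doc = new DOMDocument();
    $doc->loadHTML('<?xml encoding="UTF-8"><body>' . $html);
    $body = $doc->getElementsByTagName('body')->item(0);
    clean_node($body);
    return implode('', array_map([$doc, 'saveHTML'], iterator_to_array($body->childNodes)));
}
// Constructed input: event handler, script: URL and script element are all neutralised.
echo sanitize_html('<p onclick="x()">hi <a href="javascript:x()">link</a><script>x()</script></p>');
```

Filtering on the parsed tree rather than with regular expressions means the allow-list is applied to what the browser's parser would see, after entities in attribute values have been decoded.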

