I think it is generally a Bad Idea to allow users to submit code into your system... you would be better off if you would provide some pseudo-coding possibilities which would allow them to insert certain functionalities into their content - with you providing the real code running behind and replacing the pseudo-codes with the process results greets Zoltán Németh 2007. 04. 5, csütörtök keltezéssel 09.17-kor Bing Du ezt írta: > Hi, > > I'm not an experienced PHP developer. We're hosting a content management > system that allow authorized people to add PHP contents. Their PHP coding > levels varies. Some are very security sensitive, but some are not. I > want to know if PHP has any ready-to-use funtion to validate form input to > help prevent SQL injection/XSS? So each programmer doesn't have to write > their own form validation code. I'd appreciate any advice or pointers. > > Thanks in advance, > > Bing > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
