Re: Preventing SQL Injection/ Cross Site Scripting

Dotan Cohen wrote:

I currently an using htmlencode, so < and > show as expected. I do
expect the math faculty to use those symbols :).

Then you're already protected from XSS attacks, no HTML filtersnecessary. Easy as pi. ;-)



(ok, that one was lame)

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Follow-Ups:
- Re: Preventing SQL Injection/ Cross Site Scripting
  - From: Dotan Cohen

References:
- Preventing SQL Injection/ Cross Site Scripting
  - From: Dotan Cohen
- Re: Preventing SQL Injection/ Cross Site Scripting
  - From: Dotan Cohen
- Re: Preventing SQL Injection/ Cross Site Scripting
  - From: Chris Shiflett
- Re: Preventing SQL Injection/ Cross Site Scripting
  - From: Dotan Cohen
- Re: Preventing SQL Injection/ Cross Site Scripting
  - From: Chris Shiflett
- Re: Preventing SQL Injection/ Cross Site Scripting
  - From: Justin Frim
- Re: Preventing SQL Injection/ Cross Site Scripting
  - From: Dotan Cohen
- Re: Preventing SQL Injection/ Cross Site Scripting
  - From: Justin Frim
- Re: Preventing SQL Injection/ Cross Site Scripting
  - From: Dotan Cohen