XSS or Cross Site Scripting is the ability to inject malicious
JavaScript or HTML to the $_POST or $_GET variables, and at the bottom
line - to get them printed and output to the client through the
HTML code of the page.
In order to avoid such security issues all you have to do is to
sanitise t
Well, the function
filter_input(INPUT_GET, 'kw', FILTER_SANITIZE_ENCODED);
...seemed to take care of the example on the report by
Security Metrics.
Am I on the right track here, at least?
I'm reading pages on 'sanitizing PHP input'. Is that where I
should be headed?
Skip
Shawn McKenzie w
Skip Evans wrote:
> Hey all,
>
> You may have seen my earlier message about a current client whose site
> I've taken over maintenance on that is trying to get PCI Compliance from
> Security Metrics. I've put all the forms behind https and a couple of
> other things, but this one I don't know how t