I need your opinion regarding 3 security functions...

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Rippe
Forum Newbie
Posts: 1
Joined: Sun Feb 14, 2010 8:27 am

Re: I need your opinion regarding 3 security functions...

Post by Rippe »

Hi all,
this looks bad....

Code: Select all

echo htmlspecialchars('<script name="javascript">alert("XSS");</script>');
if you use htmlspecialchars or htmlentities don't forget to set the charset and right mode.

Code: Select all

echo htmlspecialchars('<script name="javascript">alert("XSS");</script>'), ENT_QUOTES,'UTF-8');

Kind Regards

Rippe
Post Reply