Jump to content

Need help filtering out XSS and SQL injection

kmaid

By kmaid
in PHP Coding Help

Recommended Posts

kmaid Member

kmaid

Posted
Posted

Need help filtering out XSS and SQL injection currently I validate all my user input using regular expressions but I am worried it may still leave some room for JavaScript or possibly mysql special characters. Currently to make sure I use

 

function libStripInputSlashes()
{
	$input_arr = array();
	foreach ($_REQUEST as $key => $input_arr) 
	{
	    $_REQUEST[$key] = htmlspecialchars($input_arr);
		$_REQUEST[$key] = mysql_real_escape_string($input_arr);
	}
}

 

Are there any better solutions than using this?

 

Thanks

Kmaid

 

 

Archived

This topic is now archived and is closed to further replies.

Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.