mat420 Posted March 4, 2011 Share Posted March 4, 2011 a vulnerbility scanner i used said to filter metacharacters in my submission form is this enough? thank u <?php $string = "This is some text and numbers 12345 and symbols !£$%^&"; $new_string = ereg_replace("[^A-Za-z0-9]", "", $string); echo $new_string ?> Quote Link to comment https://forums.phpfreaks.com/topic/229579-filtering-metacharacters-for-security/ Share on other sites More sharing options...
beegro Posted March 4, 2011 Share Posted March 4, 2011 Metacharacters are any characters that have special, interpretable meaning. In PHP we have (\n, \r, \t, etc.) in strings that are metacharacters. How you should filter your inputs all depends on what you want to do with those values later. Are you simply wanting to echo them back to the browser or will you actually be doing something else with them? Quote Link to comment https://forums.phpfreaks.com/topic/229579-filtering-metacharacters-for-security/#findComment-1182827 Share on other sites More sharing options...
mat420 Posted March 4, 2011 Author Share Posted March 4, 2011 im trying to block metacharacters due to XSS Quote Link to comment https://forums.phpfreaks.com/topic/229579-filtering-metacharacters-for-security/#findComment-1182895 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.