mat420 Posted March 4, 2011 Share Posted March 4, 2011 a vulnerbility scanner i used said to filter metacharacters in my submission form is this enough? thank u <?php $string = "This is some text and numbers 12345 and symbols !£$%^&"; $new_string = ereg_replace("[^A-Za-z0-9]", "", $string); echo $new_string ?> Link to comment https://forums.phpfreaks.com/topic/229579-filtering-metacharacters-for-security/ Share on other sites More sharing options...
beegro Posted March 4, 2011 Share Posted March 4, 2011 Metacharacters are any characters that have special, interpretable meaning. In PHP we have (\n, \r, \t, etc.) in strings that are metacharacters. How you should filter your inputs all depends on what you want to do with those values later. Are you simply wanting to echo them back to the browser or will you actually be doing something else with them? Link to comment https://forums.phpfreaks.com/topic/229579-filtering-metacharacters-for-security/#findComment-1182827 Share on other sites More sharing options...
mat420 Posted March 4, 2011 Author Share Posted March 4, 2011 im trying to block metacharacters due to XSS Link to comment https://forums.phpfreaks.com/topic/229579-filtering-metacharacters-for-security/#findComment-1182895 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.