darkfreaks Posted July 16, 2012 Share Posted July 16, 2012 so i have checked my code for isset and ctype_alnum and i am still getting cross site scripting injection. if(isset($_POST['variable']) && ctype_alnum($_POST['variable'])) { // code here } why is it telling me i have xss on this variable and all the rest that check for ctype_alnum are completely fine. or is my scanner picking up on false positives? Link to comment https://forums.phpfreaks.com/topic/265775-injection-problem/ Share on other sites More sharing options...
darkfreaks Posted July 16, 2012 Author Share Posted July 16, 2012 Solution: changed ctype_alnum to ctype_alpha Link to comment https://forums.phpfreaks.com/topic/265775-injection-problem/#findComment-1361962 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.