xeonyk Posted June 9, 2007 Share Posted June 9, 2007 i have this case : i store database from the text box and i show it the database value to my page. how to prevent if user input html text into textbox and when before i want to store the value from textbox to database, it will check is the input is html or not. so when i show database value to my page the html script not print. example like this : <a href src="http://www.google.com">google</a> when i submit this topic this will show as text not a link thx Link to comment https://forums.phpfreaks.com/topic/54854-how-to-prevent-html-injection/ Share on other sites More sharing options...
chigley Posted June 9, 2007 Share Posted June 9, 2007 htmlspecialchars() Link to comment https://forums.phpfreaks.com/topic/54854-how-to-prevent-html-injection/#findComment-271295 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.