vicodin Posted March 10, 2008 Share Posted March 10, 2008 If i do a preg statment that only allows A-Z,a-z,0-9 will that stop all injections and ssx atacks?? Link to comment https://forums.phpfreaks.com/topic/95332-preg/ Share on other sites More sharing options...
unsider Posted March 10, 2008 Share Posted March 10, 2008 Yes, or even take it a step further to not allow <>,!, @, #, etc... But yes, that type of validation works just fine. For the most minimal of form security. Link to comment https://forums.phpfreaks.com/topic/95332-preg/#findComment-488281 Share on other sites More sharing options...
vicodin Posted March 10, 2008 Author Share Posted March 10, 2008 Now by minimal what else to you think should be in there? Link to comment https://forums.phpfreaks.com/topic/95332-preg/#findComment-488282 Share on other sites More sharing options...
unsider Posted March 10, 2008 Share Posted March 10, 2008 Spoofed HTTP Requests Cross Site Scripting Google search some form security/overall security topics to find them all. You are simply protecting the user from input strange characters, or potientally harmful characters. Link to comment https://forums.phpfreaks.com/topic/95332-preg/#findComment-488283 Share on other sites More sharing options...
vicodin Posted March 10, 2008 Author Share Posted March 10, 2008 Thanks for the tips! Link to comment https://forums.phpfreaks.com/topic/95332-preg/#findComment-488284 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.