Serganator Posted June 20, 2009 Posted June 20, 2009 Hi everyone, I've been looking for ideas on how to prevent XSS (Cross Side Scripting). Lot's of website have different suggesting was just wondering what you guys think is the best way i'm using PHP and MYSQL Thanks Quote
stingwray Posted June 21, 2009 Posted June 21, 2009 Using a decent programming framework really takes the effort out of things like this, letting you concentrate on the real stuff, dammit I should like a brochure. For php and mysql I can recommend CakePHP, it will provide you with everything you need, and do what Sparda says, which is the correct answer. Quote
Angablade Posted June 26, 2009 Posted June 26, 2009 it's easy.. change the < and > and " into < and > and "e; through the input.. in php Rendering most if not all of XSS usless... Quote
stingwray Posted July 2, 2009 Posted July 2, 2009 it's easy.. change the < and > and " into < and > and "e; through the input.. in php Rendering most if not all of XSS usless... Its not even most, you have to handle all sorts of encodings to be really safe. Quote
Rab Posted July 2, 2009 Posted July 2, 2009 It's Cross-Site Scripting. With ASP you use command objects for your queries so they are strongy-typed. In PHP you cry. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.