XSS Prevention in PHP

Question

Possible duplicate:
What are the best methods to prevent xss attacks on a php site

I need to prevent XSS attacks in PHP code, is there a good and simple library for this?

+7

php xss

newbie Apr 16 '10 at 10:25

source share

5 answers

Federico klez culloca · Answer 1 · 2010-04-16T10:28:49+0000

Security is not a product. This is a process.

If you rely on a library for security, you are doomed to be attacked at one point or another.

Anyway, you can sanitize your inputs with standard php functions (i.e. htmlspecialchars() )

Finbarr · Answer 2 · 2010-04-16T10:37:04+0000

There are many PHP functions that can help you prevent XSS attacks. Look at them:

strip_tags

htmlspecialchars

azz0r · Answer 3 · 2010-04-16T10:35:55+0000

Theres a lot of good answers on google, at first I found; http://codeassembly.com/How-to-sanitize-your-php-input/

My main advice would be to consider each entry as a direct attack.

So convert to html characters. Add slashes.

Ivan · Answer 4 · 2010-04-16T10:34:21+0000

Your common sense · Answer 5 · 2010-04-16T10:27:16+0000

htmlspecialchars()