It is very important to check ANY input coming from the web into your system, especially if you do something with the data, such as echoing it to the screen (XSS attack), saving it in your database (SQL injection attack), or accessing your file system according to the input. There are some basic tests you can run on the input to minimize the threat, and the function below performs them. I would love to get more input from people about what else to add to the checklist.
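<?php
// Basic clean-up for a single value received from the web.
function GetField($input) {
    $input = strip_tags($input);                  // drop HTML and PHP tags
    $input = str_replace("<", "&lt;", $input);    // encode any remaining angle brackets
    $input = str_replace(">", "&gt;", $input);
    $input = str_replace("#", "%23", $input);     // percent-encode the hash sign
    $input = str_replace("'", "`", $input);       // swap single quote for backtick
    $input = str_replace(";", "%3B", $input);     // percent-encode the semicolon
    $input = str_replace("script", "", $input);   // remove the word "script"
    $input = str_replace("%3c", "", $input);      // remove URL-encoded "<"
    $input = str_replace("%3e", "", $input);      // remove URL-encoded ">"
    $input = trim($input);                        // strip surrounding whitespace
    return $input;
}
?>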
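An added example, not part of the original snippet: rather than one filter for every use, it handles each of the three uses named above (echo, database, file system) at the point where the value is used. The `users` table, the `$allowedPages` map and the sample values are constructed for illustration, and the code assumes PHP 7.1 or later with the pdo_sqlite extension loaded.

```php
<?php
// Added example: treat each sink in its own context.
// Table name, page map and sample values are constructed for illustration.

// 1. HTML output: encode at the moment of echo, not when the value arrives.
function html(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// 2. Database: bind the value as a parameter so it is never parsed as SQL.
function saveName(PDO $db, string $name): void {
    $stmt = $db->prepare('INSERT INTO users (name) VALUES (:name)');
    $stmt->execute([':name' => $name]);
}

// 3. File system: look the input up in a fixed allow-list; never build a path from it.
function pagePath(string $page, array $allowedPages): ?string {
    return $allowedPages[$page] ?? null;
}

// Constructed sample input standing in for $_GET values.
$name = "O'Brien <b>& sons</b>";
$page = '../../etc/passwd';

$db = new PDO('sqlite::memory:');   // assumption: pdo_sqlite is available
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
saveName($db, $name);

// The stored value is compared with what was submitted: no quote swapping,
// no stripped words, so legitimate names survive the round trip.
$stored = $db->query('SELECT name FROM users')->fetchColumn();
var_dump($stored === $name);

// Quotes, ampersands and angle brackets are encoded only here, at output.
echo html($stored), PHP_EOL;

$allowedPages = [
    'home'  => __DIR__ . '/pages/home.php',
    'about' => __DIR__ . '/pages/about.php',
];
var_dump(pagePath($page, $allowedPages));    // traversal string is not a key in the list
var_dump(pagePath('home', $allowedPages));   // known key maps to its fixed path
```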