On Wednesday, 28 June 2017 at 19:14:19 UTC, aberba wrote:
I'm already using prepared statements thoroughly. strip_tags() has its own uses besides making it safe for db storage.

Nothing to do with DB storage! XSS and SQL injections are two very distinct classes of vulnerabilities.

Please read this ASAP: https://en.wikipedia.org/wiki/Cross-site_scripting
