On Tuesday 28 March 2006 18:05, Matt Arnilo S. Baluyos (Mailing Lists) wrote: > Hello everyone, > > Would anyone know a PHP script that can sanitize variables to prevent > XSS and SQL injection? > > Thanks and best regards, > Matt > > -- > Stand before it and there is no beginning. > Follow it and there is no end. > Stay with the ancient Tao, > Move with the present.
Chris Shiflett has written a number of good articles on the matter. You can find them at: http://shiflett.org/articles The articles in particular would be: Security Corner: Cross-Site Request Forgeries and Security Corner: Data Filtering and Security Corner: SQL Injection Also, make sure to check out http://phpsec.org HTH -- Ray Hauge Programmer/Systems Administrator American Student Loan Services www.americanstudentloan.com 1.800.575.1099 -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
