I think my question could be restated to: What characters are potentially
lethal in user input. I can do the regex. But don't know what to parse out
of the strings.
would removing \ / . do the trick?
Why whould you want to strip things? Check if the input meets a certain
requirement..
On Sunday 09 September 2001 04:46, Kevin wrote:
I think my question could be restated to: What characters are
potentially lethal in user input. I can do the regex. But don't know
what to parse out of the strings.
would removing \ / . do the trick?
You mean http://php.net/addslashes I
I am looking for general a function to that would render user input
harmless.
I would write my own but don't know what to strip from the input that could
make it potentially damaging on linux boxes. I need to accept email and
phone numbers.
Thanks in advance,
Kevin
--
PHP General Mailing
I think my question could be restated to: What characters are potentially
lethal in user input. I can do the regex. But don't know what to parse out
of the strings.
would removing \ / . do the trick?
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL
It really depends on what you use the user input for.
If you are just storing into a database and splashing it out to a html page
later, htmlspecialchars( ) is adequete protection.
If this is a filename, then checks for the prefix http://; and '..' and
quotes in the file name, and a base
5 matches
Mail list logo