Hi all
i'm wondering how other symfony-users try to avoid security
problems...
is this a common and recomended way of avoiding these problems?
1. i've added a helper (SecurityHelper.php) with the following
function:
function secureOut($text) {
return htmlentities(strip_tags($text));
}
2. every text-output is wrapped by this function.
does anyone has a better solution for this issue?
filter? but what can i do if i want to allow some html tags?
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"symfony users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/symfony-users?hl=en
-~----------~----~----~----~------~----~------~--~---
