/    Sign up×
Community /Pin to ProfileBookmark

Simple Security Issue with Append

Copy linkTweet thisAlerts:
Feb 12.2009

Hey, sorry if this seems maybe a bit too simple for you guys, but my uncle was getting me to build a site for his band and he wanted me to add a page where people could add their own songs for the band to learn. I have all of the client-side code right, and I have a working example of the server-side code, all I need is a method of replacing the “<“‘s to “&lt;s” and the “>”‘s to .. well, you get the point.. I’m sure there is already a php function for that, I just need to know what it is called. Thanks in advance for any help.

to post a comment
PHP

4 Comments(s)

Copy linkTweet thisAlerts:
@scragarFeb 12.2009 — htmlentities
Copy linkTweet thisAlerts:
@TheTeenScripterauthorFeb 12.2009 — OK sorry lol but after some more research I found the htmlspecialchars() function. Thanks anyways...
Copy linkTweet thisAlerts:
@TheTeenScripterauthorFeb 12.2009 — Umm, I may go with your htmlentities function instead, it sounds like you probably know what will be best ?
Copy linkTweet thisAlerts:
@scragarFeb 12.2009 — htmlentities is prefered, htmlspecialchars is more or less only kept around for compatibility with old code.
×

Success!

Help @TheTeenScripter spread the word by sharing this article on Twitter...

Tweet This
Sign in
Forgot password?
Sign in with TwitchSign in with GithubCreate Account
about: ({
version: 0.1.9 BETA 5.6,
whats_new: community page,
up_next: more Davinci•003 tasks,
coming_soon: events calendar,
social: @webDeveloperHQ
});

legal: ({
terms: of use,
privacy: policy
});
changelog: (
version: 0.1.9,
notes: added community page

version: 0.1.8,
notes: added Davinci•003

version: 0.1.7,
notes: upvote answers to bounties

version: 0.1.6,
notes: article editor refresh
)...
recent_tips: (
tipper: @AriseFacilitySolutions09,
tipped: article
amount: 1000 SATS,

tipper: @Yussuf4331,
tipped: article
amount: 1000 SATS,

tipper: @darkwebsites540,
tipped: article
amount: 10 SATS,
)...