
PHP make input more secure for chat system

I am creating a chat system,
and I would like to make the PHP more secure, and the client side as well.

Sure, I now use prepared statements.
In the chat system I have these tags:
<br><a><nav> <audio controls><source>

  • Should other tags be blocked, or is there some good way to do this?

  • Users are allowed to access the image and voice directories; how can I make this more secure?
    Note: for all files I protect the type of file and also generate a new file name before creating it.

    4 Comments

    @NogDog Jul 15, 2021 — Not sure if this is what you mean, but you could use strip_tags() to only allow certain tags, e.g.:
    [code=php]
    $text = strip_tags($text, '<br><a><nav><audio controls><source>');
    [/code]

    Note: I'm not sure what it would do with <audio controls>, since having a space in the name is not normal HTML syntax.

    @Nitiphone (author) Jul 16, 2021 — @NogDog#1634205 Do we normally strip before inserting into the database, or just when sending to the front end?

    @Nitiphone (author) Jul 16, 2021 — @NogDog#1634205 Should we always use strip_tags every time, on every field, if we want to insert into the DB?

    @NogDog Jul 16, 2021 —
    > @Nitiphone#1634229 Should we always use strip_tags every time, on every field, if we want to insert into the DB?

    For what you're describing, probably before, since you don't ever want those tags -- unless, of course, you think you might? 🤷‍♂️
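
strip_tags() filters by tag name only and leaves whatever attributes are on the allowed tags, so an allow-list for this chat also has to cover attributes and link targets. The sketch below is an added example, not code from the thread: it rebuilds each allowed tag from scratch and escapes everything else. The attribute policy and the names `sanitizeChatHtml`, `rebuildTag` and `isSafeUrl` are assumptions.

```php
<?php
// Added example, not code from the thread. Assumed policy: tag => attributes kept.
const CHAT_TAGS = ['br' => [], 'nav' => [], 'a' => ['href'],
                   'audio' => ['controls'], 'source' => ['src', 'type']];
const VOID_TAGS = ['br', 'source'];   // emitted without a closing tag
const ESC = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5;
// Allow-list for href/src: absolute http(s) URLs or site-relative paths only.
function isSafeUrl(string $url): bool
{
    return preg_match('~^(?:https?://|/)~i', trim($url)) === 1;
}

function rebuildTag(string $tag): string
{
    if (!preg_match('~^<(/?)([a-z][a-z0-9]*)((?:[\s/][^>]*)?)>$~i', $tag, $m)) {
        return htmlspecialchars($tag, ESC, 'UTF-8');       // not a tag: show as text
    }
    $name = strtolower($m[2]);
    if (!array_key_exists($name, CHAT_TAGS)) {
        return '';                                         // tag is not on the list
    }
    if ($m[1] === '/') {
        return in_array($name, VOID_TAGS, true) ? '' : "</$name>";
    }
    $out = "<$name";
    preg_match_all('~([a-z-]+)(?:\s*=\s*("[^"]*"|\'[^\']*\'|[^\s"\'>]+))?~i', $m[3], $found, PREG_SET_ORDER);
    foreach ($found as $a) {
        $key = strtolower($a[1]);
        $val = html_entity_decode(trim($a[2] ?? '', "\"'"), ESC, 'UTF-8');
        $isUrl = $key === 'href' || $key === 'src';
        if (in_array($key, CHAT_TAGS[$name], true) && (!$isUrl || isSafeUrl($val))) {
            $out .= $val === '' ? " $key" : " $key=\"" . htmlspecialchars($val, ESC, 'UTF-8') . '"';
        }
    }
    return $out . '>';
}

function sanitizeChatHtml(string $html): string
{
    $out = '';
    foreach (preg_split('~(<[^>]*>)~', $html, -1, PREG_SPLIT_DELIM_CAPTURE) as $i => $part) {
        // Odd indexes are captured tags; even indexes are the text between them.
        $out .= $i % 2 ? rebuildTag($part) : htmlspecialchars($part, ESC, 'UTF-8', false);
    }
    return $out;
}
// Constructed sample message: only the allowed tags and attributes come back out.
echo sanitizeChatHtml('<a href="/voice/a.mp3" onclick="x()">clip</a><b>hi</b><audio controls>'
    . '<source src="ftp://x/a.mp3" type="audio/mpeg"></audio>'), "\n";
```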