|
Posted by Peter Chant on 11/15/12 11:22
Scott Auge wrote:
> This is what I use:
>
> http://amduus.com/phpezine/archive/Issue2.pdf
>
> http://amduus.com/phpezine/archive/issue2.zip
So, if I want to do something starting from scratch, I strip out HTML tags,
semi-colons and quotes I am killing off a fair amount of vandalism. This
would involve checking both form fields and stuff from the end of urls (I
can never remember the correct term of variables passed there).
Not crucial, as my application is only used by myself and is not publically
accessable, but it would be nice to have a bit of a go.
Suppose if I were expecting alpha numeric stuff (including hyphen) a regular
expression on [ 0-9a-zA-Z-]* would not be a bad place to start.
Pete
--
http://www.petezilla.co.uk
Navigation:
[Reply to this message]
|