Posted by Chris Shiflett on 09/29/54 11:27
bruce wrote:
> but what do you mean by "...escape output!!"
Output is data that you send somewhere else. In other words, if it
leaves your application, it is output.
This is explained a bit further (with some code) near the start of this
talk:
http://brainbulb.com/talks/php-security-audit-howto.pdf
Hope that helps.
Chris
--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/
Navigation:
[Reply to this message]
|