You are here: RE: [PHP] basic user/input form questions... more validation! « PHP « IT news, forums, messages
RE: [PHP] basic user/input form questions... more validation!

Posted by "bruce" on 12/05/88 11:27

chris...

i understood the concept of data being output from an application/function.
my question was directed towards trying to understand if you were meaning
that an app should escape all output from the mysql db?? or, were you
referring to data that would go back to the user via a form?

in other words, which 'output' function are/were you referring to.

-bruce

ps. tried to get to the link... it wouldn't come up for me for some
reason...


-----Original Message-----
From: Chris Shiflett [mailto:shiflett@php.net]
Sent: Thursday, September 22, 2005 8:38 PM
To: bedouglas@earthlink.net
Cc: 'Chris W. Parker'; php-general@lists.php.net
Subject: Re: [PHP] basic user/input form questions... more validation!


bruce wrote:
> but what do you mean by "...escape output!!"

Output is data that you send somewhere else. In other words, if it
leaves your application, it is output.

This is explained a bit further (with some code) near the start of this
talk:

http://brainbulb.com/talks/php-security-audit-howto.pdf

Hope that helps.

Chris

--
Chris Shiflett
Brain Bulb, The PHP Consultancy
http://brainbulb.com/

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация