samedi 10 août 2019

Wich characters should i ban in a web comment section to prevent injections

Hi i'm making a comment section for a website and the registered user can share textual comments that will be saved in a database and then loaded in the website, i'm worried that people can use this section to inject code inside the page, atm i use the php strip tags function, is it enough or should i use other protections? i already use pdo with prepare queries to prevent sql injection




Aucun commentaire:

Enregistrer un commentaire