Many developers rely on strip_tags to validate user input, and, although the function does a good job when removing all the html tags, there are some security issues when you want to leave some of them (like <a> or <img>).
That is because, although you removed all the <script> tags from the input, that doesn’t mean [...]
Posts Tagged ‘input validation’
How safe strip_tags is?
June 2nd, 2010
2 Comments
