Genius Engineering Blog:
Genius Open Source Libraries (Sanitize HTML Input)
August 03, 2010 @ 11:56:32

On the Genius Engineering blog today they share a library they've created to help filter out possibly malicious content coming from the user - HTML content, valid or not.

Some time ago, Genius Engineering decided to unify the manner in which we encode values that contain user input. We previously depended upon the PHP built-in htmlentities() and some simple wrappers around it for our encoding needs, but this function alone can't safely sanitize tainted data in all contexts. [...] While there is plenty of information about these issues and what must be done to fix them, there is a distinct dearth of libraries in PHP to properly encode strings for all of the situations.

They include a few code examples showing how to use their sanitizing library [tar.gz] to encode HTML content, HTML attribute values and strings for use in JavaScript.
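To make the quoted point about htmlentities() concrete, here is an added example that is not from the Genius post or its library: it runs one constructed input through htmlentities() and through a separate encoder for each of the three contexts named above. The function names are hypothetical, and the code assumes PHP 7.3 or later with the mbstring extension.

```php
<?php
// Added illustration: function names are hypothetical, not the Genius library's API.

// HTML element content: encode &, <, > and both quote characters.
function encode_html(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// HTML attribute value: turn every non-alphanumeric character into a numeric
// entity, so the value cannot end a quoted or unquoted attribute.
function encode_html_attr(string $s): string {
    $out = preg_replace_callback('/[^a-zA-Z0-9]/u', function (array $m): string {
        return '&#x' . dechex(mb_ord($m[0], 'UTF-8')) . ';';
    }, $s);
    return $out ?? '';   // null means the input was not valid UTF-8: emit nothing
}

// JavaScript string literal inside a <script> block: json_encode() adds the
// surrounding quotes and escapes backslashes and newlines; the JSON_HEX_* flags
// also write <, >, &, ' and " as \uXXXX so "</script>" cannot close the block.
function encode_js_string(string $s): string {
    return json_encode($s, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS
        | JSON_HEX_QUOT | JSON_THROW_ON_ERROR);
}

// Constructed sample input containing characters that matter in each context.
$input = "O'Reilly </script> \"quoted\"\nline two";

// htmlentities() with ENT_COMPAT (its default before PHP 8.1) leaves the
// single quote and the newline untouched.
$legacy = htmlentities($input, ENT_COMPAT, 'UTF-8');

echo "legacy, single-quoted attribute: <input value='" . $legacy . "'>\n";
echo "legacy, script block:            var s = '" . $legacy . "';\n";
echo "element content:                 <p>" . encode_html($input) . "</p>\n";
echo "attribute value:                 <input value='" . encode_html_attr($input) . "'>\n";
echo "script block:                    var s = " . encode_js_string($input) . ";\n";
```

In the two legacy lines the single quote ends the attribute value and the JavaScript string early, which is the gap the context-specific encoders close.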
