Though it's not specifically PHP-related, it's something that any PHP developer creating sites out there needs to look into - from DotVoid.com today, a link to two great resources for preventing cross-site scripting problems.

While looking around for cross site scripting resources I stumbled upon this "ha.ckers.org" site which is an excellent source for ideas on how to check for XSS vulnerabilities. I have seen it before but I obviously forgot to bookmark it. Now I saw the site listed in the top of del.icio.us/tag/xss as well. Another good site to checkout is the http://www.owasp.org and even though their regex collection is not very international it can be useful.

I've seen the ha.ckers.org page before and it has *tons* of XSS hacks that you can test on your own services as easily as a cut and paste into a form field (probably like 10 pages worth). The owasp.org site is a bit more general, thus making it harder to find the information on XSS than ha.ckers.org...