📜  php url variable xss sanitize - PHP code example

📅  Last modified: 2022-03-11 14:54:12.855000             🧑  Author: Mango

Code example 1
<?php
// in a URL parameter. Assuming you echo it, this
// would inject scripts in an XSS attack.
//
// The solution:
$NAME = $_GET['NAME'] ?? '';
// Bad:
echo $NAME;
// Vulnerable to XSS: the raw parameter is written into the page.
// Good:
echo htmlspecialchars($NAME, ENT_QUOTES, 'UTF-8');
// Encodes &, <, >, " and ' so the value is rendered as text, not markup.
?>
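
Added example (not part of the original snippet): htmlspecialchars() is the right encoder for HTML text and quoted attribute values, and this example goes beyond the snippet to cover two other places a URL parameter commonly ends up, an href attribute and an inline script. The helper names e_html, e_url_attr and e_js and the NEXT parameter are hypothetical, and the sample inputs are constructed.

```php
<?php
// Context-specific output encoding for a value taken from the URL.
// Helper names are hypothetical; sample inputs below are constructed.

// HTML text and quoted attribute values.
function e_html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// href/src attributes: allow only absolute http(s) URLs, then HTML-encode.
// htmlspecialchars() alone leaves a "javascript:" URL unchanged.
function e_url_attr(string $url, string $fallback = '#'): string
{
    $url = trim($url);
    $scheme = parse_url($url, PHP_URL_SCHEME);
    if (!is_string($scheme) || !in_array(strtolower($scheme), ['http', 'https'], true)) {
        return e_html($fallback);
    }
    return e_html($url);
}

// Inline <script> data: emit a JSON literal with <, >, &, ' and " hex-escaped
// so the value cannot close the script element or the string.
function e_js(string $value): string
{
    $flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
           | JSON_INVALID_UTF8_SUBSTITUTE;
    return json_encode($value, $flags);
}

// Constructed values standing in for $_GET['NAME'] and $_GET['NEXT'].
$name = '<script>alert(1)</script>';
$next = 'javascript:alert(1)';

echo '<p>Hello, ' . e_html($name) . "</p>\n";
echo '<a href="' . e_url_attr($next) . '">Continue</a>' . "\n";
echo '<a href="' . e_url_attr('https://example.com/?a=1&b=2') . '">Docs</a>' . "\n";
echo '<script>var userName = ' . e_js($name) . ";</script>\n";
```

The disallowed scheme falls back to `#`, while the https URL is kept with its `&` encoded as `&amp;`.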