Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Programming/Scripts

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 23rd September 2010, 20:41
padmx82 padmx82 is offline
Junior Member
 
Join Date: Dec 2006
Posts: 8
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default About htmlentities/html_entity_decode and security

Hi,

First of all, sorry for my english, Im from Mexico.

Im developing a website in PHP/MySQL that implements a link to Google Maps. I want to save the html code from Google Maps in a table of the database, so I began reading about website security and the XSS topic came out.

I began looking for preventive measures to avoid the XSS problem so I came with the "mysql_real_escape_string" function but then I also came up with tutorials about using "htmlentities" and "html_entity_decode" functions.

My question for you is, is the combo "htmlentities/html_entity_decode" a good way to prevent the XSS problem or is there a better solution?

Thanks in advance

Padmx
Reply With Quote
Sponsored Links
Reply

Bookmarks

Tags
mysql, php, xss

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Security tips needed u4david Installation/Configuration 28 30th October 2013 19:27
Access Denied by security policy Sndan General 2 4th February 2010 09:59
Unable to install ISPConfig bdonecker Installation/Configuration 21 26th May 2009 09:20
Security Error: Domain Name Mismatch cctex10 Installation/Configuration 6 2nd August 2007 15:07
SE linux problem when security context is modified raj123 Technical 1 28th June 2006 09:57


All times are GMT +2. The time now is 20:38.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.