About htmlentities/html_entity_decode and security
Hi,
First of all, sorry for my English, I'm from Mexico.
I'm developing a website in PHP/MySQL that implements a link to Google Maps. I want to save the HTML code from Google Maps in a table of the database, so I began reading about website security and the XSS topic came up.
I began looking for preventive measures to avoid the XSS problem, so I came across the "mysql_real_escape_string" function, but then I also came across tutorials about using the "htmlentities" and "html_entity_decode" functions.
My question for you is, is the combo "htmlentities/html_entity_decode" a good way to prevent the XSS problem or is there a better solution?
Thanks in advance
Padmx