About htmlentities/html_entity_decode and security
Hi,
First of all, sorry for my English, I'm from Mexico.
I'm developing a website in PHP/MySQL that implements a link to Google Maps. I want to save the HTML code from Google Maps in a table of the database, so I began reading about website security and the XSS topic came up.
I began looking for preventive measures to avoid the XSS problem, so I came across the "mysql_real_escape_string" function, but then I also came across tutorials about using the "htmlentities" and "html_entity_decode" functions.
My question for you is, is the combo "htmlentities/html_entity_decode" a good way to prevent the XSS problem or is there a better solution?
Thanks in advance
Padmx