Some time ago I wrote document describing common problem with cleaning up
HTML. PHP manual states some little warning about topic but no solution on
http://www.php.net/strip_tags
Many websites are still vulnerable and similar problems happen not depending
on programming language too often:
http://www.jes.ee/~tonu/strip.php
Please do not start flamewar, I know some people might find this information
useful. Yes, it is not "advanced" and this is why people often do not notice
the problem.
HTML. PHP manual states some little warning about topic but no solution on
http://www.php.net/strip_tags
Many websites are still vulnerable and similar problems happen not depending
on programming language too often:
http://www.jes.ee/~tonu/strip.php
Please do not start flamewar, I know some people might find this information
useful. Yes, it is not "advanced" and this is why people often do not notice
the problem.
Tõnu
[ reply ]