Nov 11, 2004, 12:57 #1
To sanitize user input with HTML_QuickForm, use a filter or DB_common::quoteSmart()?
I am trying to figure out the most secure way to sanitize user input - I am using PEAR's HTML_QuickForm.
- write my own sanitize function and incorporate it with QuickForm by adding a rule
- use a built-in function like alphanumeric to filter out any suspicious characters
- customize the built-in function regex to filter out any suspicious characters
- use DB_common::quoteSmart()
Your thoughts are MUCH appreciated!