Chapter 13 Security Methods Part 2
xss.php Script 13.4 on page ch13\xss.php Enter alert("Ha!");
XSS Attacks An injected script could create a pop-up window, steal cookies, or redirect the browser to other sites.
htmlentities() Turns problem characters into HTML entities, which are taken literally and have no special meaning: & -> &amp;   " -> &quot;   < -> &lt;   > -> &gt;
strip_tags() Removes all HTML and PHP tags
calculator.php Script 13.4 on pages ch13\calculator.php
filter_var()
if (filter_var($var, FILTER_VALIDATE_INT))
if (filter_var($var, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1, 'max_range' => 120))))
Validation Filters FILTER_VALIDATE_ FILTER_VALIDATE_FLOAT FILTER_VALIDATE_INT FILTER_VALIDATE_URL
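An added example (not one of the book's scripts and not from these slides) that puts the chapter's functions side by side: escaping on output with htmlentities(), what strip_tags() leaves behind, and range validation with filter_var(). The helper names escape_html() and validate_int_range(), the sample inputs, and PHP 7.1 or later are assumptions.

```php
<?php
// Added example: helper names and inputs are constructed for illustration.

// Escape untrusted text for an HTML context. ENT_QUOTES also converts
// single quotes, which matters when the value lands inside an attribute.
function escape_html(string $text): string
{
    return htmlentities($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Validate an integer within a range. Returns the int, or null if invalid.
// The range has to sit under the 'options' key, and the result is compared
// with false so that a valid 0 is not mistaken for a failure.
function validate_int_range($value, int $min, int $max): ?int
{
    $result = filter_var($value, FILTER_VALIDATE_INT, [
        'options' => ['min_range' => $min, 'max_range' => $max],
    ]);
    return ($result === false) ? null : $result;
}

// Constructed sample input, as a comment form might submit it.
$comment = '<script>alert("Ha!");</script> Nice <b>post</b> & thanks';

// Every <, >, " and & becomes an entity, so the browser shows the text
// literally instead of interpreting it as markup.
echo escape_html($comment), "\n";

// strip_tags() removes the tags but keeps the text between them and leaves
// & and quotes unescaped, so its result is still escaped before output.
echo escape_html(strip_tags($comment)), "\n";

// Constructed age values: in range, below range, above range, trailing
// junk, and exponent notation.
foreach (['42', '0', '121', '12abc', '1e2'] as $age) {
    $valid = validate_int_range($age, 1, 120);
    echo str_pad(var_export($age, true), 8), ' => ',
         ($valid === null ? 'rejected' : "accepted as int $valid"), "\n";
}
```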