[Owasp-delhi] Need Code for sanitizing inputs in PHP
owasp at justplainpix.com
Fri Aug 7 16:16:51 EDT 2009
You may also want to investigate PHP-IDS. It was quite a popular topic at BlackHat/DefCon USA this year:
http://demo.php-ids.org/
--- On Thu, 8/6/09, Gunwant Singh <gunwant.s at gmail.com> wrote:
From: Gunwant Singh <gunwant.s at gmail.com>
Subject: Re: [Owasp-delhi] Need Code for sanitizing inputs in PHP
To: "amar wakharkar" <amarsuhas at hotmail.com>
Cc: owasp-delhi at lists.owasp.org
Date: Thursday, August 6, 2009, 3:03 AM
FYI, this is not for PHP. ESAPI is still in progress for PHP.
On Wed, Aug 5, 2009 at 10:52 PM, amar wakharkar <amarsuhas at hotmail.com> wrote:
Dear Abhi,
Visit the following page:
http://www.owasp.org/index.php/XSS_Prevention
> From: abhishek.luck at gmail.com
> Date: Mon, 3 Aug 2009 10:11:17 +0530
> To: gunwant.s at gmail.com; owasp-delhi at lists.owasp.org
> Subject: Re: [Owasp-delhi] Need Code for sanitizing inputs in PHP
>
> Hi list,
>
> I do have an idea about regular expressions and their usage in preventing
> XSS and SQL injection.
>
> But the thing is, I want a function which is already written in a
> compact manner so that it tackles all XSS and SQL injection problems.
>
> As a newbie perhaps I would miss some conditions/"malicious strings".
>
> regards
> abhi
>
> On Fri, Jul 31, 2009 at 10:58 PM, Gunwant Singh <gunwant.s at gmail.com> wrote:
> > Do you have any idea on 'Regular Expressions'?
> >
> > On Wed, Jul 29, 2009 at 8:13 PM, Abhishek Kumar <abhishek.luck at gmail.com>
> > wrote:
> >>
> >> Hi list,
> >> I am looking for code for sanitizing each and every input for SQL
> >> injection and XSS in PHP.
> >>
> >> I need a function, say sanitize(<input>), where <input> would be a
> >> value which the user is supplying in the web page.
> >>
> >> This sanitize function should return the sanitized value after
> >> removing all possible SQL injection and XSS strings.
> >>
> >> Another way could be: sanitize(input) should return true (if no
> >> malicious string is found) or false (if some malicious string is found).
> >>
> >> Any help is appreciated.
> >>
> >> regards
> >> abhi
> >> _______________________________________________
> >> Owasp-delhi mailing list
> >> Owasp-delhi at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-delhi
> >
> >
> >
> > --
> > Gunwant Singh
> >
> >
--
Gunwant Singh
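The thread asks for a single sanitize() that removes every SQL injection and XSS string. As an added example (not code from any list member or from the projects linked above), the PHP below handles each context separately instead: allow-list validation on input, a bound parameter for SQL, and encoding on HTML output. It assumes PHP 7.1+ with the pdo_sqlite extension; the table, column and function names are hypothetical and the data is constructed.

```php
<?php
declare(strict_types=1);

// Input boundary: allow-list the expected shape instead of hunting for "bad" strings.
function valid_username(string $s): bool
{
    return preg_match('/\A[A-Za-z0-9_]{3,32}\z/', $s) === 1;
}

// SQL context: the value is bound as a parameter, never concatenated into the query text.
function find_user(PDO $db, string $name): ?array
{
    $stmt = $db->prepare('SELECT id, name, bio FROM users WHERE name = :name');
    $stmt->execute([':name' => $name]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// HTML body or quoted-attribute context: encode at output time.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed demo data in an in-memory SQLite database (hypothetical schema).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, bio TEXT)');
$ins = $db->prepare('INSERT INTO users (name, bio) VALUES (:name, :bio)');
$ins->execute([':name' => 'abhi', ':bio' => '<script>alert(1)</script>']);

$inputs = ['abhi', "abhi' OR '1'='1"]; // constructed sample inputs
foreach ($inputs as $input) {
    if (!valid_username($input)) {
        echo 'rejected: ', h($input), PHP_EOL;
        continue;
    }
    $user = find_user($db, $input);
    echo $user === null
        ? 'no such user' . PHP_EOL
        : '<p>' . h($user['name']) . ': ' . h($user['bio']) . '</p>' . PHP_EOL;
}

// Even with validation skipped, the bound parameter is compared as plain data,
// so the quote characters cannot alter the query and no row matches.
var_dump(find_user($db, "abhi' OR '1'='1") === null);
```

The stored bio is returned unchanged from the database and only encoded when written into HTML, which is why output encoding is applied at the point of use rather than once on input.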