If I use this library on GET and POST requests, do I need to use htmlspecialchars as well or not?
Like htmlspecialchars($this->antiXss($_GET['getid']))?
I mostly pass these requests to SQL queries.
Thanks.
In a perfect world you do not need to escape / clean HTML tags if you interact with SQL. You need to use prepared statements or some kind of SQL escaping (e.g. mysqli_real_escape_string). And only if you display your data, you need to escape the HTML tags.
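The separation described in the reply above, as an added example that is not part of the original thread or of the library's code: the raw value is bound through a prepared statement and HTML-escaped only at output. It assumes PDO with the pdo_sqlite extension; the table, variable names and input values are constructed for illustration.

```php
<?php
// Constructed sample values standing in for $_POST['comment'] and $_GET['getid'].
$comment = "It's <script>alert(1)</script> & more";
$getId   = "1 OR 1=1";

// Assumption: pdo_sqlite is installed; the in-memory database keeps the example offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT)');

// SQL context: bind the raw value as a parameter, with no HTML escaping.
$insert = $pdo->prepare('INSERT INTO comments (body) VALUES (:body)');
$insert->execute([':body' => $comment]);

// An id is validated as an integer before it is bound; "1 OR 1=1" fails validation.
$id = filter_var($getId, FILTER_VALIDATE_INT);
if ($id === false) {
    // A real handler would reject the request here; the example falls back to row 1.
    $id = 1;
}
$select = $pdo->prepare('SELECT body FROM comments WHERE id = :id');
$select->bindValue(':id', $id, PDO::PARAM_INT);
$select->execute();
$stored = $select->fetchColumn();

// The stored text is unchanged: the quote and the tags were treated as data, not SQL.
echo 'stored unchanged: ', var_export($stored === $comment, true), PHP_EOL;

// HTML context: escape once, at the moment of output.
$flags = ENT_QUOTES | ENT_SUBSTITUTE;
echo 'safe output: ', htmlspecialchars($stored, $flags, 'UTF-8'), PHP_EOL;

// Escaping before storage as well would double-encode the text on display.
$early = htmlspecialchars($comment, $flags, 'UTF-8');
echo 'double-encoded: ', htmlspecialchars($early, $flags, 'UTF-8'), PHP_EOL;
```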