Home/ Questions/Q 907257
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-15T16:31:33+00:00

How to do Php Security check for input user fields and input user treatment(please

  • 0

How to do Php Security check for input user fields and input user treatment(please if you can solve example1+2)?

Example1: check if user insert url or something else:

<label>url: </label>
<input type="text">

Example2: check if user insert html or something else

<label>paste html: </label>
<textarea></textarea>

thanks

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    1. For the validation of URLs : 

    $validUrl = strpos($url, "http://") === 0;
if(!$validUrl) $url = "http://".$url;

    When the link is return to the user, use htmlentities().

    2. For the validation of HTML code, use a lib like http://htmlpurifier.org/.

    <?php
require_once 'htmlpurifier/HTMLPurifier.auto.php';

$purifier = new HTMLPurifier();
$clean_html = $purifier->purify($_GET['dirty_html']);
echo $clean_html;
?>

    With the input :

    <img src="test.gif" onload="alert('xss')"/>

    The result is :

    <img src="test.gif" alt="test.gif" />
    • 0