Data Sanitization in PHP [closed]

Published 2020-07-10 09:19

Can someone recommend an up-to-date library for data sanitization in PHP?

I am looking for a library that proposes a set of functions for data sanitization. Email validation/sanitization (remove those %0A, \r...), strip html (stripslashes(htmlentities)), remove script, SQL injection … any form of exploit related to data submitted by users.

CakePHP sanitization class (not the "framework") looks nice.. ?

6 answers
Lonely孤独者°
Post 2 · 2020-07-10 09:52
<?php
// Note: FILTER_SANITIZE_STRING is deprecated since PHP 8.1; prefer escaping for the output context (e.g. htmlspecialchars) instead.
$firstName = $_POST['fname'] ?? '';                             // default to empty string if the field is missing
$new_string = filter_var($firstName, FILTER_SANITIZE_STRING);   // strips tags and encodes quotes
echo $new_string;
虎瘦雄心在
Post 4 · 2020-07-10 10:01
Ridiculous、
Post 5 · 2020-07-10 10:01

CakePHP is a framework, not a sanitization library.

It's probably easier to just write your own sanitization functions.

来,给爷笑一个
Post 6 · 2020-07-10 10:02

There is no such thing as data sanitization. Data isn't dangerous on itself - it's the context in which it's used that makes it safe or unsafe. That means that it is pointless to try and validate/sanitize data on entry. Instead, you should escape it properly on output. See also my answer here.

Ridiculous、
Post 7 · 2020-07-10 10:08

For filtering out XSS attacks when you need to preserve HTML markup: htmlpurifier

If you don't need to keep HTML markup, you can use htmlspecialchars or htmlentities

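Putting the last two answers together (escape for the context the value ends up in; htmlspecialchars when markup is not wanted, and validation rather than "cleaning" for the email case the question raises), here is an added example. It is not code from any poster, and the helper names (escHtml, escAttr, escUrl, escJs, validEmail) are this example's own:

```php
<?php
// Added example: context-specific output escaping in plain PHP (helper names are made up for this example).
declare(strict_types=1);

// HTML text-node context: encode the HTML metacharacters so user data is shown as text, never parsed as markup.
function escHtml(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Quoted HTML attribute context: same encoding, but the template MUST put quotes around the attribute,
// otherwise a space in the value ends the attribute and starts a new one.
function escAttr(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// href/src context: only absolute http(s) URLs are accepted, then encoded for the attribute.
// htmlspecialchars() alone would pass "javascript:alert(1)" through untouched, so the scheme is checked first.
function escUrl(string $s): string {
    $url = filter_var(trim($s), FILTER_VALIDATE_URL);
    $scheme = $url === false ? '' : strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if ($url === false || !in_array($scheme, ['http', 'https'], true)) {
        return '#';   // refuse anything that is not an absolute http(s) URL
    }
    return escAttr($url);
}

// Inline <script> context: emit a JSON string literal with < > & ' " as \uXXXX escapes,
// so a "</script>" inside the data cannot terminate the script block.
function escJs(string $s): string {
    return json_encode($s, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_UNESCAPED_UNICODE | JSON_THROW_ON_ERROR);
}

// Email header context (the %0A / \r concern from the question): validate instead of stripping.
// FILTER_VALIDATE_EMAIL rejects CR/LF and other control characters, so no extra mail headers can be injected.
function validEmail(string $s): ?string {
    $e = filter_var($s, FILTER_VALIDATE_EMAIL);
    return $e === false ? null : $e;
}

// Constructed sample inputs standing in for untrusted $_POST data.
$name  = '<b>O\'Brien</b></script>';
$link  = 'javascript:alert(1)';
$email = "user@example.com\r\nBcc: someone@example.net";

echo '<p>Hello, ' . escHtml($name) . '</p>' . PHP_EOL;            // tags are displayed, not rendered
echo '<input value="' . escAttr($name) . '">' . PHP_EOL;         // quotes cannot break out of the attribute
echo '<a href="' . escUrl($link) . '">profile</a>' . PHP_EOL;    // href becomes "#"
echo '<script>var name = ' . escJs($name) . ';</script>' . PHP_EOL;
var_dump(validEmail($email));                                    // NULL: the CR/LF variant is rejected outright
```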