Article Topic Learning Download Q&A Programming Dictionary Game Recent Updates

简体中文(ZH-CN) English(EN) 繁体中文(ZH-TW)

Home > Backend Development > PHP Tutorial > body text

网络安全 - php 只通过 filter 过滤用户输入，是否足够安全？

WBOY

Release： 2016-06-06 20:50:49

Original

1307 people have browsed it

应用的场景就是用户可以输入任意文本，但是不能输入类似html这样的代码

在php 中可以通过 FILTER_SANITIZE_STRING 去过滤用户输入

过滤之后的内容是不是足够安全了呢，还用作其他的比如针对xss过滤吗

回复内容：

应用的场景就是用户可以输入任意文本，但是不能输入类似html这样的代码

在php 中可以通过 FILTER_SANITIZE_STRING 去过滤用户输入

过滤之后的内容是不是足够安全了呢，还用作其他的比如针对xss过滤吗

标题里面提到了足够安全 ... 关键就是看你怎么理解这个足够了 ...

对于 XSS ... XSS 的全称是 Cross-site Scripting ... 关键点在 Scripting ...

如果你用了 FILTER_SANITIZE_STRING ... 肯定就不存在被 XSS 的风险了 ...

但这样并不能说就是在任何地方都完全安全 ... 其他的风险依然存在 ...

比如说这样的内容在不经处理之前不能直接写进 SQL 语句里面 ...

以及还要看你如何把用户输入的内容显示出来 ...

如果用户输入的内容有可能合法的出现在 script 标签内 ... 也必须要进行额外的处理 ...

Related labels：

php Safety cyber security

source：php.cn

Previous article：请教这个是异常抛出PHP中什么写法？是版本改进嘛？ Next article：Windows环境下编译 eAccelerator

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Latest Articles by Author

How to creatively plan short video content? How many types of content creative planning are there?

2024-07-03 11:35:22
How to hand in homework in Quark How to hand in homework

2024-07-03 11:35:07
How to turn off private message reminders on Mango TV. Share the steps to turn off private message reminders on Mango TV.

2024-07-03 11:34:45
How to check business license information on Tujia app How to check business license information on Tujia app

2024-07-03 11:34:37
How to transfer Aiqicha to manual service? Aiqicha tutorial for contacting manual customer service

2024-07-03 11:34:23
How to turn off the gift broadcast in Kuaishou Live Companion. Introduction to the tutorial of turning off the gift broadcast in Kuaishou Live Companion.

2024-07-03 11:33:39
How to set the area of concern in the earthquake early warning app Tutorial on setting the area of concern in the earthquake early warning app

2024-07-03 11:31:23
How to change the theme of Dragonfly FM? Introduction to how to set the theme of Dragonfly FM

2024-07-03 11:31:17
Realme GT6 opens for pre-order on JD.com and will be officially released on July 9

2024-07-03 11:31:01
How to give good reviews to Xiaolu Team?

2024-07-03 11:30:38

Latest Issues

How to list data in a section by ID using while loop in PHP? I have a mysql table with these columns: series_id, series_color, product_name In the outp...

From 2023-11-17 20:03:03

0

1

290

Call to undefined function create_function() I get this message on the home page of the website: Fatal error: Uncaught error: calling /...

From 2023-11-16 19:00:36

0

1

277

<?php //Given a year, month and day, output the day of the year that the date is (note that leap year 4 100 400) <?php //Given a year, month and day, output the day of the year that the date is (no...

From 2023-11-14 23:55:21

0

1

79

PHP trim unicode spaces I'm trying to trim unicode spaces such as this character and I was able to do it using thi...

From 2023-11-13 08:49:45

0

2

398

TYPO3 V11: "PHP warning: undefined array key", $this->request->getArguments() is empty I'm a new user of typo3, I made a plugin to show users and use the search bar to filter th...

From 2023-11-12 21:35:09

0

1

362

Related Topics

More>

Popular Recommendations

Popular Tutorials

More>

Related Tutorials

Popular Recommendations

Latest courses

Latest Downloads

More>

Web Effects

Website Source Code

Website Materials

Front End Template

About us Disclaimer Sitemap: php.cn：Public welfare online PHP training，Help PHP learners grow quickly！