Limit the input characters
The first thing to do is limit the number of characters that a user can enter in text fields. For example, if we have a field for the user's name, we will not leave it open so that they can enter any number of characters; instead we will limit it to 20 or 30 characters. To limit the number of characters, we can use the "maxlength" attribute that the HTML standard provides.

Sanitize data
When we talk about cleaning up the data, we mean keeping only the information we are interested in and removing the HTML tags that may be included in a text box. For example, if you are storing a person's name, there is little point in letting the user enter bold text, because all we want is the name.
To achieve this cleaning, we can use the "strip_tags" function.

Escaping data
To protect the data and display it as the user entered it, we should "escape" the data when presenting it to the user. That is, characters must be represented by HTML entities if we want to preserve their meaning (e.g. double quotes must be transformed into &quot;, which is how HTML represents them). This prevents the browser from evaluating and executing the code.
To accomplish this, we can use the "htmlspecialchars" function.
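
The three steps above combined in one server-side routine, as an added example that is not part of the original page. It assumes PHP with the mbstring extension; NAME_MAX_LENGTH, clean_name() and e() are hypothetical names, and the length check is repeated on the server because "maxlength" is enforced only by the browser.

```php
<?php
declare(strict_types=1);

// Assumed limit for the name field; the page suggests 20 or 30 characters.
const NAME_MAX_LENGTH = 30;

/**
 * Clean a submitted name before storing it (hypothetical helper).
 * Returns the cleaned string, or null when the input must be rejected.
 */
function clean_name(string $raw): ?string
{
    // Reject input that is not valid UTF-8 so later functions see sane text.
    if (!mb_check_encoding($raw, 'UTF-8')) {
        return null;
    }
    // Sanitize: keep only the text, dropping any HTML tags.
    $name = trim(strip_tags($raw));
    // Enforce the limit on the server; a client can ignore maxlength.
    if ($name === '' || mb_strlen($name, 'UTF-8') > NAME_MAX_LENGTH) {
        return null;
    }
    return $name;
}

/** Escape a stored value at output time (hypothetical helper). */
function e(string $value): string
{
    // ENT_QUOTES covers both quote styles; ENT_SUBSTITUTE replaces bad bytes.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs, not taken from the page.
$samples = [
    '<b>Alice</b>',               // input containing HTML tags
    'Bob "The Builder" O\'Neil',  // no tags, but quotes that need escaping
    str_repeat('x', 200),         // input longer than the limit
];

foreach ($samples as $raw) {
    $name = clean_name($raw);
    if ($name === null) {
        echo "rejected\n";
        continue;
    }
    // Escape at the point of output, here inside a quoted attribute value.
    echo '<input name="name" maxlength="' . NAME_MAX_LENGTH
        . '" value="' . e($name) . "\">\n";
}
```

The second sample shows why sanitizing and escaping are separate steps: it contains no tags for strip_tags to remove, yet its quotes would still break out of the attribute if it were printed unescaped.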