Re: PHP variable sanitization functions

[Jean-Jacques Halans <jj () halans be>]

Another related sourceforge project:
http://sourceforge.net/projects/kses
"kses is an HTML/XHTML filter written in PHP. It removes all unwanted 
HTML elements and attributes, and it also does several checks on 
attribute values. kses can be used to avoid Cross-Site Scripting (XSS), 
Buffer Overflows and Denial of Service attacks."

Halans Jean-Jacques



Gavin Zuchlinski wrote:

> The script has been updated again, I tried to update it with the suggestions 
> everyone had mentioned.
> Just a note on my thinking behind creating these functions though (because a 
> few of you noted there are similar functions already in PHP). (1) I wanted to 
> make functions that could be easily ported to other languages, mainly Perl 
> which is why I used regex (2) I wanted to unify sanitization a bit more (with 
> naming and usage), since PHP's functions are stuck all around in every little 
> corner. On the note of (1) I will be translating all the functions over to 
> Perl some time in the next few days, I will send a post out to the list when 
> this is done.
> Thanks to the interest of everyone a few of the people from this list (Jamie 
> Pratt, hokkaido () serverart org, and myself) are going to be moving the project 
> over to sourceforge and continue development of it there.
>
>
> Gavin Zuchlinski
> http://libox.net/
>
>
>
>
>