13 Jan 2006
Every web programmer has their own way of dealing with XSS, but here is an interestingly simple one: an allowlist filter that replaces every character outside a set of permitted characters with an underscore.
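    function filter_xss($oValue, $sValidCharacters = "1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
    {
        // Work on a string so the offset assignment below is well defined.
        $oValue = (string) $oValue;
        // Skip each run of allowed characters, replace the disallowed byte that ends it,
        // and resume after that byte so the loop ends even if '_' is not in the allowed set.
        for ($iCounter = strspn($oValue, $sValidCharacters); $iCounter < strlen($oValue); $iCounter += 1 + strspn($oValue, $sValidCharacters, $iCounter + 1))
        {
            $oValue[$iCounter] = '_';
        }
        return $oValue;
    }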
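The following is an added example, not code from the original post: it runs the post's filter next to context-specific output encoding so the difference in what survives is visible. `html_escape` and `safe_href` are hypothetical helper names, and the sample strings are constructed.

```php
<?php
// The post's filter, condensed so this example runs on its own.
function filter_xss($oValue, $sValid = "1234567890!@%-_=+:,./abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
{
    $oValue = (string) $oValue;
    for ($i = strspn($oValue, $sValid); $i < strlen($oValue); $i += 1 + strspn($oValue, $sValid, $i + 1)) {
        $oValue[$i] = '_';
    }
    return $oValue;
}

// Hypothetical helper: encode for an HTML text node or a quoted attribute value.
// The data is preserved; only its HTML meaning is neutralised.
function html_escape(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Hypothetical helper: accept only http(s) link targets before encoding them.
// The filter's default set keeps ':' and '/', so it cannot make this decision.
function safe_href(string $url): ?string
{
    $scheme = parse_url($url, PHP_URL_SCHEME);
    if (!is_string($scheme) || !in_array(strtolower($scheme), ['http', 'https'], true)) {
        return null;
    }
    return html_escape($url);
}

// Constructed sample inputs: a name with a multibyte character and an apostrophe,
// text with markup characters, and two link targets.
$samples = [
    "Zoë O'Brien",
    'a < b && c > d',
    'https://example.test/?q=1&lang=en',
    'ftp://example.test/file',
];

// The filter works byte by byte, so spaces, quotes and every byte of a
// multibyte UTF-8 character are replaced; the encoders keep the original text.
foreach ($samples as $s) {
    printf("input   : %s\nfiltered: %s\nescaped : %s\nhref    : %s\n\n",
        $s, filter_xss($s), html_escape($s), safe_href($s) ?? '(rejected)');
}
```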
Posted by chris