Quick method to prevent cross site scripting in php

This Tutorial Has Been Viewed 1,423 Times.

Posted by admin on April 9, 2010, filed in: PHP, scripts

Let’s define a simple function to prevent the querysting from being tampered with external code.

Lets take an example, If you have a webpage like

http://www.mistonline.in/search/index.php?name=java , there is every possiblity that a hacker can try to inject some javascript in that something like this

http://www.mistonline.in/search/index.php?name=<script language=javascript>setInterval
(“window.open(‘http://www.baddomain.com/’,'innerName’)”,50);
</script>

Like this there are numerous techniques, So inorder to prevent this from happening on your webpage use the below code which is very simple written using php

A Quick Look at Cross Site Scripting – Coding for our safety

function validateQueryString ( $queryString , $min=1,
$max=32 ) {
if ( !preg_match ( "/^([a-zA-Z0-9]{".$min.",".$max."}=[a-zA-Z0-9]{".$min.",".$max."}&amp;?)
+$/", $queryString ) ) {
return false;
}
return true;
}?&gt;

Once we have defined this function, we call it this way:

< ?php
$queryString = $_SERVER[‘QUERY_STRING’];
if ( !validateQueryString ( $queryString ) ) {
header( ‘Location:404.php’ );
}
else {
echo ‘Welcome to ’.stripslashes($_GET[‘name’].' pages');
}?>

Rating: 0.0/10 (0 votes cast)

Rating: 0 (from 0 votes)

Incoming search terms:

jsp prevent xss (4)
php prevent cross site (4)
prevent cross site scripting php (4)
javascript function to stop xss (3)
php prevent xss (3)
how to stop cross site scripting in php (2)
how to eliminate javascript xss in php (2)
stop cross site scripting php (2)
how to prevent cross site scripting in php (2)
how to prevent xss in bbs (2)
php cross site scripting querystring (2)
prevent xss php query string (2)
php stop cross site scripting (2)
php query_string xss (2)
xss php tutorial (2)
xss php query_string (2)
php stop cross scripting (2)
php prevent cross-site (2)
xss mysl drop down (2)
Avoid Cross Site Scripting php (2)
prevent xss through php (1)
prevent xss with php (1)
preventing swf xss (1)
prevent xss html form php tutorial (1)
php prevent xss scripting (1)
prevent cross-site scripting php (1)
prevent site-cross scripting (1)
prevent cross-site switching in php (1)
xss on php query string (1)
php query string xss (1)
PHP stop Cross-site (1)
php protect from cross site (1)
prevent cross script in jsp javascript (1)
php programs to prevent cross site scripting (1)
prevent cross scripting with php (1)
prevent cross-site scripting in php (1)
php preventing cross-site (1)
prototype js prevent xss (1)
query string post method cross site scripting (1)
stop xss in php (1)

You will also be interested in ,

Tags: PHP, scripts

« Previous

Avoid direct access to a file in php enhanced version

Get browser version and details using javascript

M	T	W	T	F	S	S
« Jan
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29