OK, If you are looking for a piece of cake, then I would suggest you to "include" functions in your code that have already been built by experts for input/output validation anterior to be included in the PHP distributions. You would not be able to find any built-in security input/output validation functions in standard PHP distributions as yet.
Instead you can download and include functions in your code like the famous "field_validator" function available here: http://www.osix.net/modules/article/?id=218. By doing this you still will be using Regexs but you do not have to include regexs on each field. You will use the function call instead. Hope that helps. Let me know anything else you want to cognize. -Gunwant On Mon, Aug 3, 2009 at 10:11 AM, Abhishek Kumar <abhishek.l...@gmail.com>wrote: > Hi list, > > I do have an idea about Regular expressions and its usages in preventing > XSS and SQL injection. > > but the thing is, I want a function which is already written in a > compact manner > so that it tackles all XSS and SQL injection problems. > > As a newbie perhaps I would miss some conditions/"malicious strings". > > regards > abhi > > On Fri, Jul 31, 2009 at 10:58 PM, Gunwant Singh<gunwan...@gmail.com> > wrote: > > Do you have any idea on 'Regular Expressions'? > > > > On Wed, Jul 29, 2009 at 8:13 PM, Abhishek Kumar <abhishek.l...@gmail.com > > > > wrote: > >> > >> hi list, > >> I am looking for code for sanitizing each and every input for SQL > >> injection > >> and XSS in PHP > >> > >> I need a function say sanitize(<input>), where <input> would be a > >> value which user is supplying in > >> the web page. > >> > >> this sanitize function should return the sanitized value after > >> removing all possible sql injection > >> and xss strings. > >> > >> > >> another way could be, sanitize(input) should return true (if no > >> malicious string found) or false (if some malicious string is found) > >> > >> any help is appreciated. > >> > >> regards > >> abhi > >> _______________________________________________ > >> Owasp-delhi mailing list > >> Owasp-delhi@lists.owasp.org > >> https://lists.owasp.org/mailman/listinfo/owasp-delhi > > > > > > > > -- > > Gunwant Singh > > > > > -- Gunwant Singh
_______________________________________________ Owasp-delhi mailing list Owasp-delhi@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-delhi
