Chris Shiflett wrote:
However, most security issues like XSS and SQL injection aren't really input filtering problems. Often, input filtering can effectively eliminate these vulnerabilities (and there's no excuse to not be filtering input), but escaping addresses the root cause of the problem.
I decided to blog about this in more detail: http://shiflett.org/archive/168 Chris -- Chris Shiflett Brain Bulb, The PHP Consultancy http://brainbulb.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
