Professional PHP » regular-expressions

The Problem with Markup Languages

March 14th, 2007

Chris Shiflett has a post today, Allowing HTML and Preventing XSS. The problem is how to allow users to format their contributed content without introducing security vulnerabilities. The answer is usually some sort of markup language or filtering and sanitization of HTML.
BBCODE was designed for this purpose. There is no actual standard, [...]

14 Comments | Read the full post »

Two preg_replace Escaping Gotchas

November 13th, 2005

preg_replace is a workhorse PHP function, but it has a couple of escaping gotchas that can cause it to yield unexpected or undesirable results.

16 Comments | Read the full post »

Feed

Subscribe to this blog…

Bookmark or share this page…

About

My name is Jeff Moore. I'm a PHP programmer living in San Francico and working for a startup.

More about me…
Categories (Home)
- Agile Methods (14)
- Mac (14)
- Misc (18)
- Open Source (14)
- PHP (99)
- Software Design (29)
- Usability (14)
- Web Design (20)
Recent Comments
Site
- Archives
- Log in
Search