TechMan09

How do I sanitize data?

I know there is htmlspecialentities() that changes "<" to (I forget, it's like &31; or something), but is that the best and most secure way?

Top comments (3)

manushifva

There are some ways to sanitize data for many purposes. You can sanitize the "<" for preventing XSS, or escape some characters like "=" or '"' for preventing SQL Injection. They are all secure, but it will be great if you do it multiple times (like not just doing one of them, but all).

TechMan09

“like not just doing one of them, but all”.

But all of what? Are there additional parameters I should be using, or additional/different functions?

manushifva

All of the methods. For a more specific example, don't only run the method that sanitizes your data for preventing XSS; you also need to sanitize your data for preventing SQL Injection. This will give extra protection.
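As an added example (not code from anyone in this thread), here is how the two concerns discussed above, HTML output and SQL, are handled with different tools in PHP: `htmlspecialchars()` with `ENT_QUOTES` encodes a value at the point it is written into HTML, while the database side binds the raw value through a PDO prepared statement instead of escaping characters by hand. It assumes a hypothetical `comments(body)` table and uses an in-memory SQLite database so it runs stand-alone.

```php
<?php
// Added example, not from the thread. Two concerns, two different tools:
// 1) HTML output: encode at output time, for the context the value lands in.
// 2) SQL: do not escape characters by hand; bind values with prepared statements.
declare(strict_types=1);

/** Encode a string for insertion into HTML text or a quoted attribute value. */
function html_encode(string $value): string
{
    // ENT_QUOTES encodes both ' and ", so the result is also safe inside quoted attributes.
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Store the raw value with a bound parameter; the driver keeps data and SQL separate. */
function insert_comment(PDO $db, string $body): void
{
    // Hypothetical table `comments(body)`; the value is never concatenated into the SQL text.
    $stmt = $db->prepare('INSERT INTO comments (body) VALUES (:body)');
    $stmt->execute([':body' => $body]); // store the raw text, encode only on output
}

/** Read comments back and render them; encoding happens here, at the HTML boundary. */
function render_comments(PDO $db): string
{
    $html = '';
    foreach ($db->query('SELECT body FROM comments') as $row) {
        // Same encoder for the attribute value and the element text.
        $html .= '<li title="' . html_encode($row['body']) . '">'
               . html_encode($row['body']) . "</li>\n";
    }
    return $html;
}

// Constructed sample run on an in-memory SQLite database (no server needed).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (body TEXT)');

// Constructed input containing characters that matter in both HTML and SQL.
insert_comment($db, 'O\'Reilly said "<b>hi</b>" & left');
echo render_comments($db);
```

Note that the stored text is not modified at all; the quote, angle brackets and ampersand are only encoded when the value is placed into HTML, so the same row can later be emitted into JSON or a log with that context's own encoding.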