Hello, I am coding a comment system for my website and I want to ensure a user-friendly comment section while not limiting them from posting comments that use ' & "... This is what I've got:
PHP:
$comment = $db->real_escape_string($_POST['comment']);
Is this an appropriate input filter?
How about
PHP:
htmlentities(stripslashes($comments['comment']))
How do I test the integrity of the code to ensure it can't be exploited?
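An added example, not part of the original post: one way to handle and test the comment flow asked about above, storing the text unchanged through a bound parameter and HTML-encoding it only on output. It assumes PDO with an in-memory SQLite database in place of the poster's `$db` connection, and the table, column and function names are hypothetical.

```php
<?php
declare(strict_types=1);
// Added example, not the poster's code. Table, column and function names
// are assumptions; in-memory SQLite stands in for the site's database.

function save_comment(PDO $db, string $comment): void
{
    // A bound parameter keeps ' and " as data; no manual escaping needed.
    $stmt = $db->prepare('INSERT INTO comments (comment) VALUES (:comment)');
    $stmt->execute([':comment' => $comment]);
}

function render_comment(string $comment): string
{
    // Encode for an HTML text context at output time only.
    return htmlspecialchars($comment, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function check(bool $ok, string $what): void
{
    if (!$ok) {
        throw new RuntimeException("check failed: $what");
    }
}

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (id INTEGER PRIMARY KEY, comment TEXT NOT NULL)');

// Constructed inputs: quotes, markup, backslashes (which stripslashes()
// would delete) and an SQL-looking string.
$samples = [
    'It\'s a "quoted" comment & more',
    '<b>bold</b> <script>alert(1)</script>',
    'C:\\temp\\file',
    "'); DROP TABLE comments; --",
];
foreach ($samples as $s) {
    save_comment($db, $s);
}

$rows = $db->query('SELECT comment FROM comments ORDER BY id')->fetchAll(PDO::FETCH_COLUMN);
foreach ($rows as $i => $stored) {
    check($stored === $samples[$i], 'database returns the text as typed');
    $html = render_comment($stored);
    check(strpbrk($html, '<>"\'') === false, 'no raw markup or quotes in output');
    check(htmlspecialchars_decode($html, ENT_QUOTES) === $stored, 'nothing lost');
    echo $html, PHP_EOL;
}
```

The script throws on the first failed check and otherwise prints each comment as it would appear in the page source.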