by ronnoch 5583 days ago
> Honestly, I'm trying to figure out how someone could sanitize their input and still be affected by this.

I don't think you could, unless you tried to write your own sanitizing functions from scratch and somehow screwed it up. In PHP, htmlspecialchars(), mysql_real_escape_string() and addslashes() all do fine sanitizing array input -- either throwing an exception or returning the string "Array".


Hmm. I think these functions escape output, not sanitize input.
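As an added illustration (not code from either commenter), here is the separation the last reply points at: validate that a request parameter really is a string before it reaches string-only functions (PHP turns `?q[]=x` into an array in `$_GET`), and escape with `htmlspecialchars()` only at the output boundary. The `requireStringParam()` helper and the sample inputs are assumptions made for this example.

```php
<?php
// Added example: type-check request input first, escape at output later.

/**
 * Return $params[$name] only if it is a scalar string. Arrays (what PHP
 * builds from ?name[]=x) and missing values raise an exception instead of
 * being coerced to the string "Array" or passed to a string-only function.
 */
function requireStringParam(array $params, string $name, int $maxLen = 256): string
{
    if (!array_key_exists($name, $params)) {
        throw new InvalidArgumentException("missing parameter: $name");
    }
    $value = $params[$name];
    if (!is_string($value)) {
        // is_string() is false for arrays, ints, null and objects alike.
        throw new InvalidArgumentException(
            "parameter $name must be a string, got " . gettype($value)
        );
    }
    if (strlen($value) > $maxLen) {
        throw new InvalidArgumentException("parameter $name exceeds $maxLen bytes");
    }
    return $value;
}

// Constructed sample inputs standing in for $_GET.
$good = ['q' => 'alice <b>'];
$bad  = ['q' => ['alice']];   // the shape PHP produces for ?q[]=alice

$q = requireStringParam($good, 'q');
// Escaping belongs to the HTML output step, applied to a value already
// known to be a string; it is not a substitute for the type check above.
echo '<p>' . htmlspecialchars($q, ENT_QUOTES | ENT_HTML5, 'UTF-8') . "</p>\n";

try {
    requireStringParam($bad, 'q');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ' . $e->getMessage() . "\n";
}
```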