Blog
$_POST Data and the XSS Filter Using CodeIgnitor
Posted on June 25, 2015 in CodeIgniter, MVC, PHP by Matt Jennings
Enable Global XSS Filtering in the config.php
File
<?php
$config['global_xss_filtering'] = TRUE;
?>
Getting Form Post Data in Regular PHP
<?php
if ( ! isset($_POST['something']))
{
$something = FALSE;
}
else
{
// Uses the XSS filter in the config.php file
$something = $_POST['something'];
}
?>
The Equivalent of Getting Form Post Data in CodeIgnitier
<?php
// The "TRUE" parameter uses XSS Filtering
$something = $this->input->post('something', TRUE);
?>
Leave a Reply
To Top ↑