Menu
I'm currently recovering from a nasty XSS attack, and realized I never sanitized inputs on several of the forms on my site. I used Notepad++'s Find In Files feature to search for $_POST in all my PHP files, and got almost 5,000 results. Now, I really don't want to go and manually add strip_tags to every one of those results, but a replace-all wouldn't do the trick... and I'm a total noob when it comes to things like regular expressions.
Is there any way to make this a little less tedious?
640
Just use array_map().
$Clean = array_map('strip_tags', $_POST);
Or if you want it to go back to the $_POST variable:
$_POST = array_map('strip_tags', $_POST);
It's probably a better idea though to use a different variable and change all occurrence of $_POST to $Clean in your files.
151
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
