I have strings like: Avery® Laser & Inkjet Self-Adhesive I need to convert them to Avery Laser & Inkjet Self-Adhesive. I.e. remove special characters and convert html special c...

I am using htmlspecialchars() function to prevent XSS attacks. I have doubt regarding what is the better method to store the data in database from following. Method 1 : Store the user input values...

In the htmlspecialchars function, if you set the ENT_SUBSTITUTE flag, it is supposed to replace some invalid characters. What characters are replaced? And what is the mapping between the invalid ...

My users are allowed to insert anything into my database. So using a whitelist / blacklist of characters is not an option. I'm not worried (covered it) about the database end (SQL injection), but...

A web service that I am accessing send the following response... <strong>result</strong> How can I strip the string of these encoded tags?

What are the special reserved character entities in HTML and in XML? The information that I have says: HTML: & (replace with &) < (replace with <) > (replace with &...

so I have a site where users can register using a username of their choosing and can submit large blocks of text and add comments. Currently, to avert XSS, I use strip_tags on the data on input to ...

I send this with AJAX POST: <li><ul class "zone zCentral ui-sortable"><li><ul class="region rCol3 ui-sortable"><li class="" style=""><div><span class="tc tc_...

There is a charset parameter in htmlspecialchars but the decode version does not have it. In comparison to the similar htmlentities, the encode and decode functions both have the charset parameter....

How can I do this on Ruby? puts some_method("ò") # => "ò" In other words convert an accented character like ò to his HTML version: ò I tried like this: # coding: utf-8...

why would this $trader_details = array_walk($trader_details, 'htmlspecialchars'); give this error? Severity: Warning Message: htmlspecialchars() expects parameter 2 to be long, string given a...

When outputting user input, do you only use htmlspecialchars() or are there are functions/actions/methods you also run? I'm looking for something that will also deal with XSS. I'm wondering if I s...