Security Check

  • Status Closed
  • Budget N/A
  • Total Bids 5

Project Description

I'm running two PHP applications on a web server.

I have two questions.

1. I replaced "on" with o&#110 using str_replace to prevent XSS attacks, so if someone tries "onreadystatechange='something'", it appears as "o&#110readystatechange='something'" on the admin's page.

Is there any way to put "'onreadystatechange='something'"?

For example, I tried "o\nreadystatechange=''" and "o nreadystatechange"; my application output them as they are, but the JavaScript didn't work.

2. I replaced "" with &lt,&gt so if someone tries to put , it shows &ltimg src=""&gt on my admin's page.

Is there any way to put on my admin's page?

I can't show you my website; it's groupware and for the company only.

I'm asking these because I've got to know so I can protect my application.

Thank you for reading,

and if my budget's too small then let me know.
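
An added example, not part of the original post or the poster's application: the two replacements described above, next to PHP's built-in output encoding (`htmlspecialchars` with `ENT_QUOTES`), run over the strings quoted in the post. The function names and the third sample string are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// The replacements described in the post (reconstructed; hypothetical function name).
function blacklist_filter(string $s): string
{
    $s = str_replace('on', 'o&#110', $s);
    return str_replace(['<', '>'], ['&lt', '&gt'], $s);
}

// Output encoding for HTML text and quoted attribute values:
// encodes & < > " ' instead of hunting for particular keywords.
function e(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// True when no raw HTML metacharacter is left in the output.
function is_inert(string $out): bool
{
    return strpbrk($out, "<>\"'") === false;
}

// True when decoding the output gives back exactly what the user typed.
function round_trips(string $raw, string $out): bool
{
    return html_entity_decode($out, ENT_QUOTES | ENT_HTML5, 'UTF-8') === $raw;
}

// Constructed samples: the first two are the inputs quoted in the post,
// the third is an ordinary comment that happens to contain "on".
$samples = [
    "onreadystatechange='something'",
    '<img src="">',
    'Tom & Jerry said "confirm on Monday"',
];

foreach ($samples as $raw) {
    foreach (['blacklist' => blacklist_filter($raw), 'encoded' => e($raw)] as $name => $out) {
        printf("%-9s %s%s", $name, $out, PHP_EOL);
        printf("          inert=%s round_trips=%s%s",
            var_export(is_inert($out), true),
            var_export(round_trips($raw, $out), true),
            PHP_EOL);
    }
    echo PHP_EOL;
}
```

`e()` is meant for values written into HTML text or quoted attribute values at output time; values placed inside script blocks or URLs need the encoding for that context instead.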
