I want to display the php file code on the webpage. how can I achieve security? This post was last edited by taodala from 2012-11-0821: 58: 29. I have a website and want to get a function, is to browse the php files uploaded by netizens online. my current idea is to filter out & nbsp; & lt ;? Php & nbsp; prevents php files from being executed. is this safe? Why? ------ best solution --- how to ensure security when I want to display the php file code on the webpage
At the end of this post, I edited a website by taodala at 21:58:29 on January 8,. I want to use a function to browse the php files uploaded by netizens online. my current idea is to filter them out. ------ Best solution --------------------
How can I automatically post a post?
I want to say that as long as you don't need eval, you can simply output it.
Xss attacks are to be prevented. the simplest thing is to use htmlspecialchars to filter all characters into entity characters.
------ Other solutions --------------------
It is risky to filter only the two impressions. it is best to filter all and ensure security.
------ Other solutions --------------------
At the end of this post, xuzuning edited highlight_file at 22:22:29 on.
Highlight_string
Safe and beautiful
------ Other solutions --------------------
As long as you do not eval
------ Other solutions --------------------
Reference:
How can I automatically post a post?
I want to say that as long as you don't need eval, you can simply output it.
Xss attacks are to be prevented. the simplest thing is to use htmlspecialchars to filter all characters into entity characters.
Can I only filter these two results?
<(Less than) becomes <
> (Greater than) become>
------ Other solutions --------------------
You can directly output the results of file_get_contents (url). However, if there are special html tags, htmlspecialchars can be used. it is impossible to filter only the numbers greater than or less than the numbers.
