Native PHP, do some security precautions on the Internet. (a bit old 2012)
There is a JS script injected, I input the infinite alert in the data database a script, found that the query results can not be displayed, blank, other HTML tags can be displayed correctly, for example, H1 tags.
And then tried it, as long as there was
The third article on this site is a bit of a long story.
Reply content:
Native PHP, do some security precautions on the Internet. (a bit old 2012)
There is a JS script injected, I input the infinite alert in the data database a script, found that the query results can not be displayed, blank, other HTML tags can be displayed correctly, for example, H1 tags.
And then tried it, as long as there was
The third article on this site is a bit of a long story.
Without doing any processing from the database directly out
of the absolute will be executed. I just tried.
Put out your code, junior.
Htmlspecicalchars () This
Owasp Https://www.owasp.org/index.php/PHP_Security_Cheat_Sheet
The browser will have some anti-XSS security measures
Chrome can look in the console with a red hint
IE will pop up a hint on the head of the page