From the course: Validating and Processing Forms with JavaScript and PHP

Sanitizing form input

Sanitizing means cleaning up the data in your form to prevent malicious scripts from executing. You need to be careful when receiving input from any form, since forms are a way for users to pass information to your server. Malicious users can sometimes try to get access to sensitive information by exploiting unsafe pages. Most misuse security threats happen when your form is saving information to an existing database, outputting the info to a page, or emailing data to someone else. If you've been following along with this video, you've already learned how to use regular expressions to validate user input. One way to sanitize your input is to check what the user types against regular expression patterns. PHP also has a lot of functions that can help you prevent the misuse of your forms. Which ones you use depends on the context of what you're trying to prevent. strip_tags() removes HTML tags from input fields. It's useful if you want to strip any links or other code out of the text.…
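As an added example (not code from the course), the script below combines the two ideas in the transcript: strip_tags() to remove markup, then a regular expression or a built-in filter to decide whether what is left is acceptable, and a separate escaping step for the "outputting to a page" context. The $post array is a constructed stand-in for $_POST, and the function names are the example's own.

```php
<?php
declare(strict_types=1);

// Constructed sample of what $_POST might hold after a form submission.
$post = [
    'username' => ' ada_lovelace<script>alert(1)</script> ',
    'email'    => 'ada@example.com<b>',
    'comment'  => 'Great <a href="http://example.com">site</a> & thanks',
];

// Strip markup first, then validate the remainder against a pattern.
// strip_tags() keeps the text between tags, so "alert(1)" survives and the
// regular expression is what actually rejects this value.
function validateUsername(string $raw): ?string
{
    $clean = trim(strip_tags($raw));
    return preg_match('/^[A-Za-z0-9_]{3,20}$/', $clean) === 1 ? $clean : null;
}

// Where PHP ships a filter for the field type, prefer it over a hand-written regex.
function validateEmail(string $raw): ?string
{
    $result = filter_var(strip_tags(trim($raw)), FILTER_VALIDATE_EMAIL);
    return $result === false ? null : $result;
}

// Free text: strip_tags() removes links and other markup. The result is safe
// to store, but it must still be escaped when echoed into an HTML page.
function sanitizeComment(string $raw): string
{
    return trim(strip_tags($raw));
}

function escapeForHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

$username = validateUsername($post['username']);   // null: rejected
$email    = validateEmail($post['email']);         // "ada@example.com"
$comment  = sanitizeComment($post['comment']);     // "Great site & thanks"

if ($username === null) {
    echo "Username rejected by validation\n";
}
echo "Email: {$email}\n";
// Output context: escape at the point of output, not only at input time.
echo '<p>' . escapeForHtml($comment) . "</p>\n";  // <p>Great site &amp; thanks</p>
// Database context (not shown): pass the cleaned values as bound parameters of a
// prepared statement rather than concatenating them into the SQL string.
```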