Hi there,
I would like to have some good advice concerning how to stop XSS attacks and sql injection.
I have made some reserach and read a lot concerning this and it comes back to always filter your input.
I was thinking of having a static class for a constant check of all form submission, for example, before i run any kind of input filtering, there is a function that kicks in everytime to check all kind of request and filter it before hand, if any dodgy data is found it will kill eveything and warn eg. Hack Attempt!
Is it a good idea to do that ?
Thanks for any help,
Regards,
Jerome
