Laravel
Pavel, 2019-12-26 11:50:04

How to handle form data on server, injection?

Happy upcoming holidays, everyone!
I can insert a script into the feedback form and it will be output as is in orders; it turns out that you can make all sorts of injections. How can I protect myself from this and how are they protected?
I know that you can use something like this in the output:

{!! html_entity_decode(nl2br(e($m->description))) !!}

but is it safe? Do I need to insert special characters before entering into the database?


1 answer(s)
Alex Wells, 2019-12-27
@Alex_Wells

Write to the database as is, output with escaping (any templating engine or frontend framework has it out of the box). In the case of Blade it's {{ }}; why the hell you are using {!! !!}, I do not understand.
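
An added example, not part of the answer above or of Laravel's own code: plain PHP comparing the expression from the question with the escaped output that `{{ }}` produces. The guarded `e()` definition is a stand-in that assumes Laravel's helper is `htmlspecialchars()` with `ENT_QUOTES` and UTF-8, and `$description` is a constructed sample.

```php
<?php
declare(strict_types=1);

// Stand-in for Laravel's e() helper so the file runs without the framework.
// Assumption: e() behaves like htmlspecialchars() with ENT_QUOTES and UTF-8.
if (!function_exists('e')) {
    function e(string $value): string
    {
        return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
    }
}

// Constructed sample: a feedback message containing markup and a line break.
$description = "Nice shop!\n<script>alert('x')</script>";

// 1. The expression from the question: html_entity_decode() reverses e(),
//    so the original tags come back and {!! !!} prints them unescaped.
$fromQuestion = html_entity_decode(nl2br(e($description)));

// 2. What {{ $m->description }} emits: escaped text, line breaks not rendered.
$bladeDefault = e($description);

// 3. Escape first, then add line breaks: the only markup in the result is the
//    <br /> that nl2br() itself inserted, so {!! !!} can print it safely.
$withBreaks = nl2br(e($description));

foreach ([
    'question expression' => $fromQuestion,
    '{{ }} equivalent'    => $bladeDefault,
    'nl2br(e(...))'       => $withBreaks,
] as $label => $html) {
    // A literal "<script" in the output means the browser would execute it.
    $hasScript = stripos($html, '<script') !== false;
    printf(
        "%-20s script tag present: %s\n  %s\n\n",
        $label,
        $hasScript ? 'YES' : 'no',
        str_replace("\n", '\n', $html)
    );
}
```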
