iRev Input Validation Libraries
Ralf Bitter
rabit at dimensionB.de
Sat Sep 18 16:31:17 EDT 2010
For XSS filtering see the rigXssClean() function
in system/libraries/Input.irev.
Unfortunately revIgniter's implementation for escaping database queries
can not be associated with only one handler you could copy and paste.
This subject is a bit more complex, so please bare with me when I point you
to entire libraries like system/database/DBactiveRec.irev,
system/database/DBdriver.irev and system/database/drivers/mysql/mysqlDriver.irev.
Cheers
Ralf
On 18.09.2010, at 19:38, Web Admin Himalayan Academy wrote:
> On 9/18/10 3:08 AM, Ralf Bitter wrote:
>> just to clarify:
>> active record database queries are escaped automatically by revIgniter,
>> not by the server engine. Obviously the revIgniter user guide is
>> capable of being misunderstood here. I will change that.
>>
>> Regarding XSS attacks:
>> revIgniter comes with a Cross Site Scripting Hack prevention filter
>> which can either run automatically to filter all POST and COOKIE data
>> that is encountered, or you can run it on a per item basis.
>>
>> Cheers
>>
>> Ralf
>
> where in the framework can i find that code i.e library files... for now I need to use it outside the revigniter framework (see other memo on that issue.)
>
> Thanks!
>
> Skts
More information about the use-livecode
mailing list