I want know how to cleaning/filtering input if I’m not using dhtmlx PHPConnector, so I am using my own code for server
ex: myForm has input named inp1,
then using myForm.send(‘server.php’);
In server.php :
$inp1 = $_POST[‘inp1’]
I want cleaning $inp1. Is it possible using ConnectorSecurity::$xss and ConnectorSecurity::$security_key = true ? If not possible could you tell me another option?
Need to include xss_filter.php, if not Class ‘ConnectorSecurity’ not found
How about CSRF/XSRF, only simple call “ConnectorSecurity::$security_key = true” or must using other method?
CSRF protection need to be used with both data generation and data saving routines. If you are not using connector for any of such tasks, it will be more simple to use a custom CSRF protection logic.