I know similar questions have been asked but I am struggling to work out how to do it. I am building a CMS, rather primitive right now, but it’s as a learning exercise; in a production site, I would use an existing solution for sure. I would like to take user input, which can be styled in a WYSIWYG editor.
Tag: xss
How can I prevent 2nd order SQL attacks?
I’m using PHP PDO for my queries, everywhere, but I read that in very rare cases there could still be “second order injections” where an unsafe variable is stored then executed when used in another statement. Will prepared statements still protect against this? As long as I make sure I always use them? Or do I have to take more