Guest Posted April 24, 2006 Posted April 24, 2006 if i created a new module that uses the same databse as the oscommerce shop, would using: <?php echo tep_draw_input_field('mynewvalue'); ?> be enough to prevent xss issues?
kgt Posted April 25, 2006 Posted April 25, 2006 No, tep_draw_input_field() only creates text boxes. You need to protect against XSS when you process data (after the form has been posted). Contributions Discount Coupon Codes Donations
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.