Which PHP function is used to prevent XSS attacks when outputting user data?

Choose the correct answer:

A) strip_tags()

B) htmlspecialchars()

C) filter_var()

D) mysqli_real_escape_string()

Detailed Explanation

Explanation: htmlspecialchars() converts special characters to HTML entities, preventing XSS attacks. It should be used when outputting user data to HTML. Use ENT_QUOTES flag to also convert quotes.

Discussion (0)

No comments yet. Be the first to share your thoughts!

Which PHP function is used to prevent XSS attacks when outputting user data?

Choose the correct answer:

Detailed Explanation

Discussion (0)

Share Your Thoughts

Send Feedback