Characters to filter out of echo

gameaddict2085

Member
Prime Account
Messages
111
Reaction score
1
Points
18
Hey,
I'm going to be displaying echo input from user, what are all the characters I need to filter out for it to be safe for display, does < and > suffice?
Also I'm loading the data into a database using PDO. What characters do I need to filter out to make that safe if any? (I'm using the bindValue with PDO)
 

essellar

Community Advocate
Community Support
Messages
3,295
Reaction score
227
Points
63
You shouldn't have to do any escaping for the PDO. The PHP function htmlspecialchars() should handle escaping for echo safely. See the entry at PHP.net for details.
 
Top