How to prevent reflected XSS using PHP?

View Original

one text

I create a web application using PHP, and I try to protect my application against XSS attacks and SQL-Injection. I have a problem with reflected XSS. I used urlencode() function, but I am not sure if that function protects my application against reflected XSS. Someone could say me if that safe ?

$id = urlencode($_GET['id']);

$query = $this->database->ConnectDatabase()->prepare("SELECT * FROM user where user_id = :user_id");
$query->bindParam(':user_id',$id, PDO::PARAM_INT);
$query->execute();

Source
© 2021
E-mail: contact@webdevask.com
Back to top