PHP :: Doc Bug #40203 :: Incorrect man recommendation

Incorrect man recommendation

Submitted:

2007-01-23 05:06 UTC

Modified:

2007-02-04 13:09 UTC

Votes:	1
Avg. Score:	3.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	1 (100.0%)

From:

naplanetu at gmail dot com

Assigned:

philip (profile)

Status:

Closed

Package:

Documentation problem

PHP Version:

Irrelevant

OS:

Private report:

CVE-ID:

None

View Developer Edit

[2007-01-23 05:06 UTC] naplanetu at gmail dot com

Description:
------------
http://www.php.net/manual/en/ref.session.php#session.idpassing
Example 3. Counting the number of hits of a single user
...
<p>
To continue, <a href="nextpage.php?<?php echo strip_tags(SID); ?>">click
here</a>.
</p>

The strip_tags() is used when printing the SID in order to prevent XSS related attacks. 

It's incorrect to use strip_tags() to prevent XSS. You should use htmlspecialchars().

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports

[2007-02-04 13:09 UTC] bjori@php.net

This bug has been fixed in the documentation's XML sources. Since the
online and downloadable versions of the documentation need some time
to get updated, we would like to ask you to be a bit patient.

Thank you for the report, and for helping us make our documentation better.

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2025 The PHP Group All rights reserved.	Last updated: Thu Nov 20 09:00:02 2025 UTC