OWASP Top 10 2013 A9 Using Components with Known Vulnerabilities • Status: FLAGSHIP • Uses the NIST National Vulnerability Database • Produces a report
of ESAPI but are good practice

    $clean = array();     //this is local in scope
    $clean_sql = array(); //this is local in scope

    // Step 1
    $clean['id'] = ESAPI::getValidator()->getValidInput( ... );

    // Step 2
    $clean_sql['id'] = ESAPI::getEncoder()->encodeForSQL( new MySQLCodec(), $clean['id'] );

This is also an ESAPI control