Questions about this topic? Sign up to ask in the talk tab.
Main Page/Featured Article
From NetSec
Revision as of 04:42, 2 June 2012 by GertieUbpgdd (Talk | contribs)
Unsafe string replacement occurs when a replacement call is used to remove a series of text longer than one character from a string, invoked only once, to sanitize it. Because string replacement (str_replace in PHP, =~ s/// in Perl, etc) functions only do a single replacement, it is necessary to loop over them until all unsafe characters or strings are removed if you are replacing more than a single character. This also applies to replacements powered by regular expressions.