Commit 9510d6d8 by Qiang Xue

Merge pull request #6622 from softark/docs-guide-security-best-practice-fix

docs/guide/security-best-practices.md - minor fix [ci skip]
parents 84188820 55491494
...@@ -33,7 +33,7 @@ In Yii, most probably you'll use [form validation](input-validation.md) to do al ...@@ -33,7 +33,7 @@ In Yii, most probably you'll use [form validation](input-validation.md) to do al
Escape output means that depending on context where we're using data it should be escaped i.e. in context of HTML you Escape output means that depending on context where we're using data it should be escaped i.e. in context of HTML you
should escape `<`, `>` and alike special characters. In context of JavaScript or SQL it will be different set of characters. should escape `<`, `>` and alike special characters. In context of JavaScript or SQL it will be different set of characters.
Since it's error-prone to escape everything automatically Yii provides various tools to perform escaping for different Since it's error-prone to escape everything manually Yii provides various tools to perform escaping for different
contexts. contexts.
Avoiding SQL injections Avoiding SQL injections
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment