Prevent XSS on statuses, email, name, family and radio button or checkbox?

1- I have a form which has name, family, email, birthday (which is a select) and gender, which is two different radio buttons: one for male and another one, obviously, for female.
Now, can someone please explain to me how to prevent XSS attacks on these fields?

For name and family I did something like this, with this pattern:

$name = preg_replace("/[^a-zA-Z0-9_\-]+/", "", $name);
$family = preg_replace("/[^a-zA-Z0-9_\-]+/", "", $family);

And for email I did it like this:

 $email = preg_replace("^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*(\.[a-zA-Z]{2,3})$^", "", $email);

Is this preg_replace secure enough, or do I maybe need to use htmlentities or htmlspecialchars?

2- And for the second question: is it necessary to escape posted data which comes from radio buttons or select options?

3- I just read about HTML Purifier. Should I use HTML Purifier for people's statuses, and maybe for this register form?
thanks in advance.
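
The fields from the question, as an added example that is not part of the original post: it runs the post's email pattern through `preg_replace()` to show what that call returns, then validates each field by what it may contain and escapes only at output time. The array keys, the allow-lists, the helper names `pick()` and `e()` and the sample submission are assumptions made for illustration.

```php
<?php
// Constructed sample submission standing in for $_POST.
$post = [
    'name'     => 'Anne-Marie <script>alert(1)</script>',
    'family'   => "O'Brien",
    'email'    => 'user@example.com',
    'gender'   => 'male"><img src=x>',  // radio values are client-controlled
    'birthday' => '1990',
];

// The email pattern from the post. preg_replace() deletes whatever the
// pattern matches, so it rewrites input rather than validating it.
$pattern = '^[_a-zA-Z0-9-]+(\.[_a-zA-Z0-9-]+)*@[a-zA-Z0-9-]+(\.[a-zA-Z0-9-]+)*(\.[a-zA-Z]{2,3})$^';
var_dump(preg_replace($pattern, '', $post['email']));

// Radio buttons and selects: accept only values the form itself offers.
function pick(string $value, array $allowed): ?string
{
    return in_array($value, $allowed, true) ? $value : null;
}

// Escape at output time, for an HTML body or a quoted attribute value.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

$years = array_map('strval', range(1900, (int) date('Y')));  // assumed select options

$clean = [
    'name'     => trim($post['name']),    // kept as typed, escaped when shown
    'family'   => trim($post['family']),
    // filter_var() returns the address or false; it never alters the input.
    'email'    => filter_var($post['email'], FILTER_VALIDATE_EMAIL) ?: null,
    'gender'   => pick($post['gender'], ['male', 'female']),
    'birthday' => pick($post['birthday'], $years),
];

foreach ($clean as $field => $value) {
    if ($value === null) {
        echo e($field), ": rejected\n";
        continue;
    }
    echo e($field), ': <span title="', e($value), '">', e($value), "</span>\n";
}
```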
