I want to apply OWASP-ESAPI for escaping PHP variables, but the documentation as a guideline to apply it -> it seems like Adapter.php not exist in the folder, However, also i spent more time to implement it but still not working,
I appreciate if anyone can help me to implement it to secure my code from XSS attacks using ESAPI tool "Library"
I download OWASP-ESAPI-PHP from Here:https://github.com/OWASP/PHP-ESAPI
My example is (Check.php):
$a = $_GET[‘firstname’]; // Escape using ESAPI
$b = $_GET[‘lastname’]; // Escape using ESAPI
echo $a;
echo $b;
}
?>
Actually, I just want to use it for this example, which contain two PHP variable, so i want to escape these two variable to be safe from XSS vulnerability.
I appreciate if anyone can help me to implement it.
Thanks & Regards
You can check the documentation at the following URL
https://github.com/OWASP/PHP-ESAPI/blob/master/documentation/esapi4php-paper-monthofphp2010-newtool.pdf
I mentioned in my question that my problem in file Adapter.php and the tutorial not clear to implement !!
Where is your solution ?