Back
Syntax
Study
Editor
Mode:
HTML
CSS
JavaScript
PHP
Reset
Run »
HTML / CSS / JS
<?php // Prevent XXE (XML External Entity) attacks libxml_disable_entity_loader(true); // PHP < 8.0 // PHP 8.0+ disabled entity loading by default // Always validate incoming JSON function parseJsonInput(): array { $raw = file_get_contents("php://input"); try { return json_decode($raw, true, 512, JSON_THROW_ON_ERROR) ?? []; } catch (\JsonException $e) { throw new InvalidArgumentException("Invalid JSON body: " . $e->getMessage()); } } // Sanitize before using in output $safe = htmlspecialchars($data["name"], ENT_QUOTES, "UTF-8");
Result
Open