Thursday, September 04, 2008

Once again, XSS vulnerabilities, and cool grep flags

My colleague, Jonathan Felder, has a talent for catching me out on XSS vulnerabilities in my PHP code (echoing form input back into a page without running it through htmlspecialchars() first).

Once again, when I asked an unrelated question about one of my scripts, he entered an <img> tag in a text field...and the image shows in the results page! Dang!

I fixed that one, but now I'm paranoid, so I'm going to check every form on our site.

To find them, I grep'd for all instances of _REQUEST, _GET and _POST on the site, and learned some new uses for flags in grep:

[steve@www]$ grep -l -r -F '_REQUEST
> _POST
> _GET' --include='*.php' htdocs   # lists every .php file that contains _REQUEST, _POST or _GET


-F treats the pattern as a newline-separated list of fixed strings, and a line matches if it contains any of them. Make sure the list contains no blank line: an empty pattern matches every line, which would turn the result into a list of every .php file on the site.

-r recurses into any directory argument (plain file arguments are still searched as usual), and --include=PATTERN then limits the recursion to files whose names match PATTERN, which the man page describes as "Recurse in directories only searching file[s] matching PATTERN." Quote the pattern ('*.php') so the shell doesn't expand it first if there happen to be .php files in the current directory.

-l of course stops searching the file after the first match, and just prints the filename.

Now I can go through the resulting list and check that every value I echo back goes through htmlspecialchars() (with ENT_QUOTES and the page's charset, so it is safe inside attribute values too) at the point where it is written into the page. One caveat: this grep only finds the obvious entry points. It won't flag $_COOKIE, $_SERVER entries like PHP_SELF or HTTP_REFERER, $_FILES, or user-supplied data that comes back out of the database or a session, so those need a separate look.
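Here is the whole check packaged as a runnable shell script. It is added here as an example and is not code from the post: it builds a throwaway htdocs tree of constructed PHP files (search.php, admin/save.php, index.php and a stray notes.txt are invented for the demo), lists the files that read _REQUEST, _POST or _GET with the grep flags above, and then prints the offending lines with -n so they can be reviewed one by one.

```shell
#!/bin/sh
# Added example, not part of the original post.

# The request superglobals to look for, one fixed string per line, with the
# closing quote right after the last one so no empty pattern sneaks in
# (an empty pattern matches every line).  Assumption: add _COOKIE or
# _SERVER here if you also want those sources flagged.
REQUEST_PATTERNS='_REQUEST
_POST
_GET'

# Build a constructed htdocs tree in a temp directory and print its path.
make_sample_tree() {
    dir=$(mktemp -d)
    mkdir -p "$dir/htdocs/admin" "$dir/htdocs/static"
    # search.php echoes $_GET unescaped: the XSS pattern from the post.
    cat > "$dir/htdocs/search.php" <<'EOF'
<?php
$q = $_GET['q'];
echo "You searched for: $q";
EOF
    # save.php reads $_REQUEST but escapes it before output.
    cat > "$dir/htdocs/admin/save.php" <<'EOF'
<?php
$title = htmlspecialchars($_REQUEST['title'], ENT_QUOTES, 'UTF-8');
echo "<h1>$title</h1>";
EOF
    # index.php reads no request data and must not be listed.
    cat > "$dir/htdocs/index.php" <<'EOF'
<?php
echo "<p>Welcome</p>";
EOF
    # notes.txt mentions _POST but is not a .php file, so --include skips it.
    printf 'remember to check _POST handling\n' > "$dir/htdocs/static/notes.txt"
    printf '%s\n' "$dir"
}

# The grep from the post: -l prints each matching file once, -r recurses,
# -F matches the fixed strings in $REQUEST_PATTERNS, --include (quoted so
# the shell leaves the glob alone) restricts the walk to .php files.
# Paths are printed relative to $1 and sorted so the output is stable.
find_form_handlers() {
    ( cd "$1" && grep -l -r -F "$REQUEST_PATTERNS" --include='*.php' htdocs | sort )
}

# Same search with -n instead of -l: one line per use, as file:line:text,
# which is what you actually read through when checking the escaping.
show_request_uses() {
    ( cd "$1" && grep -n -r -F "$REQUEST_PATTERNS" --include='*.php' htdocs | sort )
}

# Usage (hypothetical path): find_form_handlers /var/www; show_request_uses /var/www
```

On the sample tree, find_form_handlers prints htdocs/admin/save.php and htdocs/search.php and nothing else; show_request_uses prints the two lines that read $_GET and $_REQUEST, and it is the unescaped one in search.php that needs the fix.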
