Hi.... I'm desperatly in need of help as I've developed a whole site without considering XSS ramifications.
Most forms on the site are submitted to themselves and some basic validation is conducted on the input eg. is it a number, is it an email address etc.
I'm thinking that I can use a simple process within the validation block to test the input once the submit is clicked. It would run through each field in the form and check for the usual suspects <,>,(,) etc....
How do I do this... does anyone have some sample code available?