
Mattias Geniar's Blog:
Input Validation Using filter_var() Over Regular Expressions
February 11, 2009 @ 07:55:30

A recent post on Mattias Geniar's blog looks at the filter_var function as an alternative to writing regular expressions that try to catch every possible problem in user input.

Just about the biggest time-sink on any project is the amount of input validation that needs to be done. You _have_ to assume your visitor is a maniac serial killer, out to destroy your application. And you have to prevent it. [...] Thus starts our never-ending battle for user input validation. We can't allow it all so we check every value presented to us. But using PHP's filter_var function, this can be made 100x easier!

He includes the long list of filter types that the function has to offer, including sanitizing strings, working with special characters and validating input like email addresses, URLs and IP addresses.
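
As an added illustration of the validation filters mentioned above (this is not code from Mattias Geniar's post), the following validates a form payload with filter_var() instead of hand-written regular expressions. The function name validate_signup, the field names, the age range and the sample values are assumptions constructed for this example.

```php
<?php
// Added example: field names, ranges and sample values are constructed.

function validate_signup(array $input): array
{
    $clean = [];
    $errors = [];

    // Each FILTER_VALIDATE_* call returns the value on success and false on failure.
    $checks = [
        'email' => filter_var($input['email'] ?? '', FILTER_VALIDATE_EMAIL),
        'homepage' => filter_var($input['homepage'] ?? '', FILTER_VALIDATE_URL),
        // Only public IPv4 addresses: no private or reserved ranges.
        'ip' => filter_var($input['ip'] ?? '', FILTER_VALIDATE_IP,
            FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE),
        // On success this is an int inside the range, not the original string.
        'age' => filter_var($input['age'] ?? '', FILTER_VALIDATE_INT,
            ['options' => ['min_range' => 13, 'max_range' => 120]]),
    ];

    // FILTER_VALIDATE_URL checks syntax only and accepts any scheme,
    // so the allowed schemes are enforced separately.
    if ($checks['homepage'] !== false) {
        $scheme = strtolower((string) parse_url($checks['homepage'], PHP_URL_SCHEME));
        if (!in_array($scheme, ['http', 'https'], true)) {
            $checks['homepage'] = false;
        }
    }

    foreach ($checks as $field => $value) {
        // Strict comparison: a valid value such as int 0 must not be read as failure.
        if ($value === false) {
            $errors[] = $field;
        } else {
            $clean[$field] = $value;
        }
    }
    return ['clean' => $clean, 'errors' => $errors];
}

// Constructed sample input, as it might arrive in $_POST.
$result = validate_signup([
    'email' => 'alice@example.com',
    'homepage' => 'ftp://files.example.com/',
    'ip' => '192.168.1.10',
    'age' => '42',
]);
var_dump($result);
```

Validated values still need escaping appropriate to where they are used (HTML output, SQL parameters, shell arguments); passing a validation filter only says the value has the expected shape.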


All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework