News Feed
Jobs Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Brandon Savage's Blog:
FIEO Filtering Input with PHP's Filter Functions
August 28, 2009 @ 08:55:03

Brandon Savage has a new post about a key concept that both new and experienced developers need to remember when working with user input - Filter Input, Escape Output (FIEO).

Brand-new PHP developers have drilled into their heads the concept of Filter Input, Escape Output (FIEO). This concept essentially insists that all user-provided content be filtered or escaped, without exception. With the delivery of PHP 5.2.0, this got a lot easier, because PHP included, by default, the Filter library.

He gives two examples of an email validation method - one using a regular expression and the other using the filter_var function of the filter extension with the FILTER_VALIDATE_EMAIL constant for the type.

0 comments voice your opinion now!
filter input output extension


blog comments powered by Disqus

Similar Posts

Pierre-Alain Joye's Blog: how to do not work around filter (don't be lazy :)

Zend Developer Zone: Zend_Log timestamp filter

Sameer Borate's Blog: Disabling the silence @-operator in PHP

Johannes Schluter's Blog: Changes in PHP trunk: No more extension for sqlite version 2

PHP Security Blog: Holes in most preg_match() filters


Community Events











Don't see your event here?
Let us know!


symfony2 release hhvm example security facebook framework composer unittest opinion introduction hack package podcast install code language component overview application

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework