News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

DevShed:
Sanitizing Strings with Filters in PHP 5
September 03, 2009 @ 07:21:53

DevShed rounds the final corner on their sanitizing user input series of tutorials with the eighth part, a look at filtering inputted strings to remove potentially dangerous issues.

In this part, I discuss how to use the filter extension for sanitizing strings in all sorts of clever manners. I'll show you how to encode quotes, low and high ASCII characters in literals, and remove them in the same easy manner. Doing this can help prevent SQL injections and XSS attacks when developing PHP applications.

Their code shows how to use the FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES, FILTER_FLAG_STRIP_LOW, FILTER_FLAG_STRIP_HIGH, FILTER_FLAG_ENCODE_LOW and FILTER_FLAG_ENCODE_HIGH filtering methods on a sample string or two and what they'd result in.

0 comments voice your opinion now!
filter extension tutorial string


blog comments powered by Disqus

Similar Posts

SitePoint Server-Side Coding: A Beginner's Guide to Silverlight with PHP

Zend Developer Zone: Debugging PHP applications with xdebug

Pierre-Alain Joye's Blog: how to do not work around filter (don't be lazy :)

Hari KT: Aura.Http : Request and Response

Jani Hartikainen's Blog: Zend_Acl part 2: different roles and resources, more on access


Community Events





Don't see your event here?
Let us know!


api series package deployment voicesoftheelephpant list framework podcast language laravel symfony community release introduction install library interview bugfix tips opinion

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework