News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

php|architect:
Never Use $_GET Again
July 09, 2010 @ 09:15:48

In this new post to the php|architect blog Matt Butcher offers a security tip for all PHP developers out there - never use $_GET again.

You don't need to use $_GET or $_POST anymore. In fact, you probably shouldn't use $_GET and $_POST anymore. Since PHP 5.2, there is a new and better way to safely retrieve user-submitted data. [...] Rather than accessing the $_GET and $_POST superglobals directly, you can make use of PHP functions like filter_input() and filter_input_array().

He gives a code example of it in use and talks about the two things these functions do to help keep you safe - validate the data for correct match on criteria and sanitizing the value to ensure the return value is only what's requested. You can find more about these filter functions in the Filters section of the PHP manual.

1 comment voice your opinion now!
filter superglobal get security


blog comments powered by Disqus

Similar Posts

Joshua Thompson's Blog: Prototype-based programming in PHP

Quoderat's Blog: Three simple tips for LAMP web site developers

Demian Turner's Blog: Seagull 0.6.4 Release (fixes Security Isse from 0.6.3)

Codewalkers.com: New Tutorial - Coding \"Best Practices\" - or at least \"Better Practices\"

PHP.net: PHP 5.4.19 and PHP 5.5.3 Released!


Community Events





Don't see your event here?
Let us know!


library code language laravel install developer configure release list wordpress api series threedevsandamaybe interview application introduction unittest podcast community symfony

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework