News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Ben Ramsey's Blog:
PECL Input Filter
November 18, 2005 @ 05:12:17

In Ben Ramsey's latest post today, he talks about filtering user input and some of the wealth of discussions that have come up about it on the php-general mailing list.

Richard Lynch even tossed out a few of his ideas concerning the use of a $_CLEAN superglobal variable that would merely serve as a reminder to programmers (through its constant use in the PHP manual) to filter input as a "best practice" (see here and here). Furthermore, on Chris Shiflett's blog, Richard comments that "[s]urely our base solution for minimal Security should be a fundamental part of the PHP language, not some add-on second thought."

I tend to agree with Richard, and that's why I've been paying attention to the PECL Input Filter extension.

Ben starts from the beginning, talking about the Input Filter's roots (from Derick and Rasmus), and Richard's point about security tools being a "fundamental part of the PHP language". He gives an example of a form and how an integrated PHP extension might look to handle the filtering, and his personal opinion on the matter:

It should be noted that it is just as easy to filter input without these built-in functions, but, perhaps, with the inclusion of these functions, it will encourage others to start properly filtering data.

0 comments voice your opinion now!
pecl input filter form extension pecl input filter form extension


blog comments powered by Disqus

Similar Posts

Lukas Smith: On predictable PHP release cycles

PHP 10.0 Blog: ICU+PHP=love

Mikko Koppanen: PHP extension writing

PHPMaster.com: More Bulletproofing with PHPUnit’s Database Extension

Developer.com: Combining an Oracle Database with PHP to Manage Data


Community Events





Don't see your event here?
Let us know!


list api introduction community podcast developer library unittest release threedevsandamaybe laravel language wordpress testing configure series code install interview application

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework