Paul Jones' Blog:
Sanitation with PHP filter_var()
January 17, 2007 @ 15:22:00

In working on a new filter for his Solar framework, Paul Jones discovered that the "float" sanitizer in the new filter extension (PHP 5.2+) doesn't quite work as expected.

I found a problem with the "float" sanitizing function in the 5.2.0 release, and thought others might want to be aware of it. In short, if you allow decimal places, the sanitizer allows any number of decimal points, not just one, and it returns an un-sanitary float.

He includes the text of the bug report he submitted as an example of how the error can occur and, although the report was marked bogus, Paul maintains that the sanitizer is not working as it should.

You can also check out Pierre-Alain Joye's response to this over on his blog.
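
The behaviour described above, as an added example that is not taken from Paul Jones' post or his bug report: FILTER_SANITIZE_NUMBER_FLOAT only strips disallowed characters, so a string with several decimal points passes through, and a FILTER_VALIDATE_FLOAT check afterwards is what rejects it. The helper name strict_float() is hypothetical and the sample inputs are constructed; the code is written for current PHP releases.

```php
<?php
// Added illustration; sample inputs are constructed, and strict_float() is a
// hypothetical helper name, not part of Solar or the filter extension.

/**
 * Sanitize, then validate. Returns a float, or null when the sanitized
 * string is still not a well-formed float.
 */
function strict_float(string $raw): ?float
{
    // Character filter only: keeps digits, '+', '-' and (with the flag) '.'.
    // It does not limit how many '.' characters remain.
    $clean = filter_var($raw, FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
    if ($clean === false || $clean === '') {
        return null;
    }

    // Structural check: refuses leftovers such as "1.2.3" or "..".
    $value = filter_var($clean, FILTER_VALIDATE_FLOAT);
    return $value === false ? null : $value;
}

// Constructed inputs: two that clean up into real floats, three that do not
// become well-formed just because the stray characters were removed.
$samples = ['12.50', ' $1,234.56 ', '1.2.3', 'abc..def', '1.5-2'];

foreach ($samples as $raw) {
    $sanitized = filter_var($raw, FILTER_SANITIZE_NUMBER_FLOAT, FILTER_FLAG_ALLOW_FRACTION);
    printf(
        "%-14s sanitized=%-10s strict=%s\n",
        var_export($raw, true),
        var_export($sanitized, true),
        var_export(strict_float($raw), true)
    );
}
```

Code that stores or computes with the result should use the value returned by the validation step, not the sanitized string.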


All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework