News Feed
Sections




News Archive
Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Paul Jones' Blog:
Sanitation with PHP filter_var()
January 17, 2007 @ 15:22:00

In working on a new filter for his Solar framework, Paul Jones discovered that the "float" sanitizer in the new filter extension (PHP 5.2+) doesn't quite work as expected.

I found a problem with the "float" sanitizing function in the 5.2.0 release, and thought others might want to be aware of it. In short, if you allow decimal places, the sanitizer allows any number of decimal points, not just one, and it returns an un-sanitary float.

He includes the text of the bug he submitted as an example of how the error might happen and, despite it being marked bogus, Paul still holds that things are still not working like they should.

You can also check out Pierre-Alain Joye's response to this over on his blog.

0 comments voice your opinion now!
filter extension sanitatinon filtervar float solar framework filter extension sanitatinon filtervar float solar framework


blog comments powered by Disqus

Similar Posts

Zend: New Framework Preview Release by End of Week?

PHPHacks.com: 10 PHP Frameworks compared

Zend Developer Zone: Working with RAR, LZF and BZ2 Compression Formats in PHP

Code2Learn.com: Generating CSV file using CodeIgniter Framework

Padraic Brady's Blog: HTML Sanitisation: The Devil's In The Details (And The Vulnerabilities)


Community Events





Don't see your event here?
Let us know!


refactor community list code symfony2 series developer opinion testing framework podcast release threedevsandamaybe install introduction interview laravel language experience unittest

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework