PHPDeveloper.org: Paul Jones' Blog: Sanitation with PHP filter_var()

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: Quinstreet, Inc. Seeks Sr. PHP Developer (Foster City, CA)

Job Posting: WideEye Interactive/Moroch Advertising Seeks Web Developer (Dallas, TX)

Job Posting: Project People Ltd (Recruiter) Seeks PHP Developer (Paris, France)

Job Posting: Snelling (Recruiter) Seeks Web Programmer (Boston, MA)

Job Posting: Veedow Seeks Senior PHP Developer/Architect (London, UK)

Job Posting: Apex Systems (Recruiter) Seeks PHP Web Developers (Tampa, FL)

Job Posting: WordStream Seeks Web Application Developer (Needham, MA)

Job Posting: JS Creative Seeks Web Developer (Atlanta, GA)

Job Posting: Kodak Graphic Communications Group Seeks PHP Application Developer (Stamford, CT)

Job Posting: RJ Byrd (Recruiter) Seeks PHP Application Developer (Dallas, TX)

News Archive

IBM developerWorks: 30 game scripts you can write in PHP, Part 1: Creating 10 fundamental scripts

WebReference.com: Administering RBAC in PHP 5 CMS Framework

Douglas Clifton's Blog: PHP Specificity (a Five-part Series)

PHPro.org: Class Hierachies And Overriding

Hiveminds: PHP is a skill not a profession

Site News: Blast from the Past - One Year Ago in PHP

Zend Developer Zone: Dynamically Generating PDF Files with PHP and Haru

Jani Hartikainen's Blog: Base classes in OOP programming languages

Community News: PHP Quebec 2009 Schedule Announced

Community News: Latest Releases from PHPClasses.org

Paul Jones' Blog:
Sanitation with PHP filter_var()

by Chris Cornutt January 17, 2007 @ 15:22:00

In working on a new filter for his Solar framework, Paul Jones discovered that the "float" sanitizer in the new filter extension (PHP 5.2+) doesn't quite work as expected.

I found a problem with the "float" sanitizing function in the 5.2.0 release, and thought others might want to be aware of it. In short, if you allow decimal places, the sanitizer allows any number of decimal points, not just one, and it returns an un-sanitary float.

He includes the text of the bug he submitted as an example of how the error might happen and, despite it being marked bogus, Paul still holds that things are still not working like they should.

You can also check out Pierre-Alain Joye's response to this over on his blog.

0 comments voice your opinion now!
filter extension sanitatinon filtervar float solar framework filter extension sanitatinon filtervar float solar framework

Title:

Name:

Email:

Comments:

Similar Posts
Paul Jones' Blog: Solar and TypeKey Authentication
David Parra's Blog: Extension development on windows
Paul Jones' Blog: The Stenhouse CSS Framework and Solar
ONLamp.com: Points of Attack: PHP and Ajax
Templora.com: Basic PHP Script Security

Community Events

Don't see your event here?
Let us know!

All content copyright, 2008 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework