Introducing php parameter filtering and php data filtering, including the basic principles of php submitted data filtering, php simple data filtering
Basic principles of php submission data filtering
1) When submitting variables into the database, we must use addslashes() for filtering. For example, our injection problem can be solved with just one addslashes(). In fact, when it comes to variable values, the intval() function is also a good choice for filtering strings.
2) Enable magic_quotes_gpc and magic_quotes_runtime in php.ini. magic_quotes_gpc can change the quotation marks in get, post, and cookie into slashes. magic_quotes_runtime can play a formatting role in data entering and exiting the database. In fact, this parameter was very popular back in the old days when injection was crazy.
3) When using system functions, you must use escapeshellarg(), escapeshellcmd() parameters to filter, so that you can use system functions with confidence.
4) For cross-site, both parameters of strip_tags() and htmlspecialchars() are good. All tags with html and php submitted by users will be converted. For example, angle brackets "<" will be converted into harmless characters such as "<".
$new = htmlspecialchars("<a href='test'>Test</a>", ENT_QUOTES);
strip_tags($text,);
5) For the filtering of related functions, just like the previous include(), unlink, fopen(), etc., as long as you specify the variables you want to perform the operation or filter the related characters strictly
All resources on this site are contributed by netizens or reprinted by major download sites. Please check the integrity of the software yourself! All resources on this site are for learning reference only. Please do not use them for commercial purposes. Otherwise, you will be responsible for all consequences! If there is any infringement, please contact us to delete it. Contact information: admin@php.cn
Related Article
Is there a reliable PHP library for email address validation?
17 Nov 2024
PHP Email Address Validation Library InquiryValidating email addresses is essential to ensure data integrity. However, creating a compliant...
What\'s the Easiest Form Validation Library in PHP for Programmers?
17 Oct 2024
Easiest Form Validation Library for PHPProblem:Developing a straightforward PHP library for efficient form validation, where rules and field names can be easily passed and errors retrieved.Answer:One approach is to implement your own validation class
Should You Use a PHP Open-Source Library or the Built-In Function for Email Address Validation?
26 Nov 2024
Validating Email Addresses in PHP: Open-Source Library or Built-In Function?Email address validation is crucial to ensure accurate data collection...
What is the Most Effortless PHP Library for Form Validation?
17 Oct 2024
Easiest Form Validation Library for PHPIn search of a straightforward PHP library that simplifies form validation tasks? Let's explore your options:Custom Library ExampleThe user suggests a custom PHP class that incorporates predefined regex patterns
Validating JSON Schema with Fixed and User-Defined Keys in Python
13 Nov 2024
Validating JSON schemas is crucial for ensuring data integrity, especially in dynamic applications where data formats may vary. In Python, the jsonschema library allows efficient validation by enforcing structure and data types. This tutorial demonst
Pydantic: The end of manual validations! ✨
26 Nov 2024
Pydantic is a data validation and settings management library for Python. It uses Python type hints to validate and parse data, ensuring that your code works with properly structured and typed data. By leveraging Python’s dataclass-like model structu
Hot Tools
PHP common form validation classes
PHP common form validation classes
PHP code to implement form data validation class library
PHP code to implement form data validation class library
validationdata validation library
validationdata validation library
Fully functional php validation class
Fully functional php validation class
validation-Laravel's validation library
validation-Laravel's validation library