www.webdeveloper.com

Thread: Data Handling Musts for each tag

  1. #1
    Join Date
    Apr 2010
    Location
    Brooklyn NY
    Posts
    104

    Data Handling Musts for each tag

    What methods are musts for handling PHP Data?

    For example, stripslashes($_POST['data']) is one, and I don't know too much about others. I'd like other people's opinions.

  2. #2
    Join Date
    May 2010
    Location
    Effingham, IL
    Posts
    87

    addslashes

    There is a function that adds slashes to data entered into the database from a form to prevent an error when trying to enter data.

    addslashes($_POST['name']);
    Ryan Condron
    Freelance Web Developer
    http://www.rebelwebdevelopment.com

  3. #3
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,176
    stripslashes() should only be needed if you have the deprecated magic_quotes_gpc "feature" enabled and you want to undo its damage. I use this method to deal with it if I'm unable to control whether it is on or off: http://www.charles-reace.com/blog/20...-magic-quotes/.

    Next step should be to validate that user-supplied inputs are valid (type, size, etc.) -- the sort of thing where if it's invalid you display an error message and have them re-enter it. At this point you may want to look at the filter_var() function, along with things like strlen() and the various ctype_*() functions.

    Sanitizing values for use in DB queries (e.g. mysql_real_escape_string()) is a separate issue, and normally should only be applied to the data in that specific instance, not globally such that the escaping would affect use of the data in non-SQL situations.

    Similarly, filtering data for output with functions such as htmlentities() should normally only be done as/when it is being output to the browser (or whatever else needs to be filtered).

    So long story short: there's nothing "standard" I do for all user inputs, but rather it is based on the type of data and the situation.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us
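
The order described in post #3 (validate first, escape for the database only at the query, encode only at output), as an added example that is not part of any post in this thread. It swaps mysql_real_escape_string() for a PDO prepared statement against an in-memory SQLite database (requires the pdo_sqlite extension); the $post array, the validate() function, the field limits and the table name are constructed for illustration.

```php
<?php
// Constructed sample input standing in for $_POST (not from the thread).
$post = ['name' => "O'Reilly <b>Books</b>", 'email' => 'pat@example.com', 'age' => '42'];

// 1. Validate: reject bad input and report it; the values are not altered.
function validate(array $in): array {
    $errors = [];
    $name = $in['name'] ?? '';
    if (!is_string($name) || strlen($name) < 1 || strlen($name) > 50) {
        $errors['name'] = 'Name must be 1-50 characters.';
    }
    if (filter_var($in['email'] ?? '', FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'Email address is not valid.';
    }
    $age = $in['age'] ?? '';
    if (!is_string($age) || !ctype_digit($age) || (int)$age > 150) {
        $errors['age'] = 'Age must be a whole number up to 150.';
    }
    return $errors;
}

$errors = validate($post);
if ($errors) {
    // Error text goes to the browser, so it is encoded like any other output.
    foreach ($errors as $field => $msg) {
        echo htmlentities("$field: $msg", ENT_QUOTES, 'UTF-8'), "\n";
    }
    exit(1);
}

// 2. Database: escaping happens only at the query, here via bound parameters.
//    The raw $post values stay untouched for any non-SQL use.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE people (name TEXT, email TEXT, age INTEGER)');
$stmt = $db->prepare('INSERT INTO people (name, email, age) VALUES (?, ?, ?)');
$stmt->execute([$post['name'], $post['email'], (int)$post['age']]);

// 3. Output: the stored value is still raw; encode it only when writing HTML.
$row = $db->query('SELECT name, age FROM people')->fetch(PDO::FETCH_ASSOC);
echo '<p>', htmlentities($row['name'], ENT_QUOTES, 'UTF-8'),
     ' (', (int)$row['age'], ")</p>\n";
```

The name containing a quote and markup is stored unchanged and only becomes entity-encoded in the final echo, which is the separation of concerns the post describes.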

  4. #4
    Join Date
    Apr 2010
    Location
    Brooklyn NY
    Posts
    104
    Thanks, that gives a good view point.
