I have learnt some stuff recently about tidy and thus more secure code...
Mainly using arrays for all data to be processed:
- All input from $_GET, $_POST etc. to be stored in an array, e.g. $input()
- Cleaned up (checked it is safe and what I wanted) input in a different array $clean()
- Outputted data to browser where no HTML tags are wanted in another array $html() where htmlentities() has been applied
- Outputted data to MySQL stored in $mysql() which has been escaped
What other principles for tidier and more secure coding are there?
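
The array-per-stage flow described in the post above, as an added example that is not part of the original thread. The request values, field names and validation rules are constructed for illustration, and the escaped `$mysql` array is swapped for a PDO prepared statement against an in-memory SQLite database (assumes the `pdo_sqlite` extension) so the script runs offline.

```php
<?php
// Constructed sample request data standing in for $_GET / $_POST.
$input = [
    'username' => 'alice<script>alert(1)</script>',
    'age'      => '42',
    'comment'  => "It's <b>great</b>",
];

// $clean: a value is copied here only after it passes an allow-list check.
$clean = [];
if (preg_match('/\A[A-Za-z0-9_]{3,20}\z/', $input['username'])) {
    $clean['username'] = $input['username'];
}
$age = filter_var($input['age'], FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 0, 'max_range' => 150]]);
if ($age !== false) {
    $clean['age'] = $age;            // stored as an int, not the raw string
}
if (is_string($input['comment']) && strlen($input['comment']) <= 500) {
    $clean['comment'] = $input['comment'];
}

// $html: encoded for the HTML context, built from $clean and never from $input.
$html = [];
foreach ($clean as $key => $value) {
    $html[$key] = htmlentities((string) $value, ENT_QUOTES, 'UTF-8');
}

// Database context: bound parameters take the place of the escaped $mysql array.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE comments (age INTEGER, comment TEXT)');
if (isset($clean['age'], $clean['comment'])) {
    $stmt = $db->prepare(
        'INSERT INTO comments (age, comment) VALUES (:age, :comment)');
    $stmt->execute([':age' => $clean['age'], ':comment' => $clean['comment']]);
}

// Show which fields survived validation and how each context sees the comment.
var_dump(array_keys($clean));
echo $html['comment'] ?? '(no comment)', "\n";               // HTML-encoded copy
echo $db->query('SELECT comment FROM comments')->fetchColumn(), "\n"; // stored as entered
```

The database keeps the comment unencoded; encoding is applied only when a value is written into a specific output context.
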
Tidy Code
- RobertGonzalez
- Ollie Saunders
Code by these