Tidy Code
Posted: Mon Apr 09, 2007 2:56 am
I have learnt some stuff recently about tidy and thus more secure code...
Mainly using arrays for all data to be processed:
All input from $_GET, $_POST etc. to be stored in an array, e.g. $input()
Cleaned up (checked it is safe and what I wanted) input in a different array $clean()
Outputted data to browser where no HTML tags are wanted in another array $html() where htmlentities() has been applied
Outputted data to MySQL stored in $mysql() which has been escaped
What other principles for tidier and more secure coding are there?
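
The four-array flow described in the post above, as an added example that is not part of the original post. The field names, length limits and function names are assumptions made for illustration, and the $mysql step uses mysqli's real_escape_string as the escaping call.

```php
<?php
// Constructed sample request; a real page would read $_POST.
$request = [
    'username' => 'alice42',
    'age'      => '27; DROP TABLE users',   // fails the integer check
    'comment'  => '<b>Hi</b> & "welcome"',
    'debug'    => '1',                      // unexpected field, never copied
];
// $input: raw copies of only the fields this page expects.
function collect_input(array $source, array $expected): array {
    $input = [];
    foreach ($expected as $key) {
        if (isset($source[$key]) && is_string($source[$key])) {
            $input[$key] = $source[$key];
        }
    }
    return $input;
}
// $clean: a value gets in only after passing its own check.
function clean_input(array $input): array {
    $clean = [];
    $name = $input['username'] ?? '';
    if (ctype_alnum($name) && strlen($name) <= 20) {
        $clean['username'] = $name;
    }
    $age = filter_var($input['age'] ?? '', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 150]]);
    if ($age !== false) {
        $clean['age'] = $age;
    }
    $comment = $input['comment'] ?? '';
    if ($comment !== '' && strlen($comment) <= 500) {
        $clean['comment'] = $comment;       // free text: length check only
    }
    return $clean;
}
// $html: built from $clean only, encoded for HTML output.
function for_html(array $clean): array {
    return array_map(fn($v) => htmlentities((string)$v, ENT_QUOTES, 'UTF-8'), $clean);
}
// $mysql: built from $clean only; needs a live connection, so the demo below skips it.
function for_mysql(mysqli $db, array $clean): array {
    return array_map(fn($v) => $db->real_escape_string((string)$v), $clean);
}

$clean = clean_input(collect_input($request, ['username', 'age', 'comment']));
$html  = for_html($clean);
var_dump(array_keys($clean));   // keys that survived validation
echo $html['comment'], "\n";    // comment encoded for HTML output
```

Because $html and $mysql are derived only from $clean, a field that fails validation (here the constructed 'age' value) has no entry in either output array.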