PHP Developers Network

A community of PHP developers offering assistance, advice, discussion, and friendship.
 

All times are UTC - 5 hours




PostPosted: Wed Mar 16, 2005 11:30 pm 
DevNet Master
Joined: Mon Oct 25, 2004 9:29 pm
Posts: 3698
Location: New Jersey, US
I've been deliberating over this for some time now, because in the past I implemented it in an ad hoc way, so now I want to choose one or the other.

What are the advantages and disadvantages of inbound sanitation, and what about outbound sanitation?

A few reasons I can think of off the top of my head:

Inbound sanitation is good because it only requires data to be sanitized once, whereas outbound sanitation must be executed every time the page is loaded (unless you cache it). Outbound sanitation, however, is easily adaptable and can be changed quickly, whereas a change in an inbound sanitation scheme would require the new rules be applied to everything in the database.

What else? Does it matter depending on what you're storing?


PostPosted: Wed Mar 16, 2005 11:39 pm 
Neighborhood Spidermoddy
Joined: Mon Mar 29, 2004 4:24 pm
Posts: 31559
Location: Bothell, Washington, USA


PostPosted: Thu Mar 17, 2005 7:21 am 
Jedi Mod
Joined: Tue Dec 21, 2004 6:03 pm
Posts: 5263
Location: usrlab.com
I do inbound usually, but I also store a copy of the original data, so if the rules change I can just apply them to the original and not have to muck about trying to alter something that's been changed before.


PostPosted: Fri Mar 18, 2005 6:13 pm 
Forum Contributor
Joined: Sun Feb 06, 2005 12:22 pm
Posts: 124
Both.

Filter input. Escape output. Abide by those rules, and you'll develop more secure PHP applications than 99% of PHP developers. :-)
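
The "filter input, escape output" split from the reply above, combined with the earlier point about keeping the original data, as an added PHP example that is not part of any post in this thread. The function names and the `filter_comment` rules (valid UTF-8, 1 to 500 characters, no control characters) are assumptions chosen for illustration.

```php
<?php
declare(strict_types=1);

// Inbound: accept or reject, never rewrite. The accepted value is stored as-is,
// so a later change of display rules needs no migration of stored rows.
function filter_comment(string $raw): ?string
{
    if (!mb_check_encoding($raw, 'UTF-8')) {
        return null; // malformed byte sequences
    }
    $len = mb_strlen($raw, 'UTF-8');
    if ($len < 1 || $len > 500) {
        return null; // assumed length limit for this field
    }
    if (preg_match('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/', $raw) === 1) {
        return null; // control characters other than tab, LF, CR
    }
    return $raw;
}

// Outbound: one escaper per context the value is written into.
function out_html(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function out_js_literal(string $s): string
{
    // JSON string that is also safe inside an inline <script> block.
    return json_encode($s, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_THROW_ON_ERROR);
}

// Constructed sample submissions.
foreach (['Tom & Jerry say "<b>hi</b>"', "bad\x00byte"] as $raw) {
    $stored = filter_comment($raw);
    if ($stored === null) {
        echo "rejected\n";
        continue;
    }
    echo 'html: ', out_html($stored), "\n";
    echo 'js:   ', out_js_literal($stored), "\n";
}

// Escaping on the way in instead: the stored value is already HTML, so a
// template that escapes on output (as it should) encodes it a second time.
echo 'twice: ', out_html(out_html('Tom & Jerry')), "\n";
```

The same stored string yields a different encoding for each output context, which is why a single inbound escaping pass cannot stand in for escaping at output.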

