one function for all security threats?
Moderator: General Moderators
- Maugrim_The_Reaper
- DevNet Master
- Posts: 2704
- Joined: Tue Nov 02, 2004 5:43 am
- Location: Ireland
I'm pretty sure he was referring to an array based Front Controller - if the GET value does not match a listed page then the user would be shown an error. In the absence of a specific format that would work. Might still be useful to check what you intend allowing in the GET value - will it be alphanumeric only? Then you can check its valid quickly using ctype_alnum(), for example.
Mixed pixiedust, LOL!arborint wrote:That has been depricated ... use:The Ninja Space Goat wrote:yea it's awesome_magical_super_wonder_function()![]()
awesome_magical_real_super_wonder_function([mixed $pixiedust])
Ever since the magic_quotes fiasco, one would imagine PHP designers should have learned, eh
Unfortunately (?) this forum's policy doesn't allow us to discuss penetration tactics, but if you show some code, then we can discuss concrete problems with it.anyone got any pieces of code which i can try and inject into my site?
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
Why PHP does not have Request, Response, Filterchain and Validator classes in SPL after all this time is beyond me (they must be busy working on RecursiveSeekableCachingDirectoryRegexpIteratorIteratorMordred wrote:Ever since the magic_quotes fiasco, one would imagine PHP designers should have learned, eh
(#10850)