Using $_GET

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

User avatar
Benjamin
Site Administrator
Posts: 6935
Joined: Sun May 19, 2002 10:24 pm

Post by Benjamin »

WOWEEE you guys look for solutions to problems that don't exist. The OP asked how to securely validate an id, which is usually an integer, through a get request..

Code: Select all

$thread_id = (isset($_GET['thread_id']) && preg_match('#^\d{1,10}$#', $_GET['thread_id'])) ? $_GET['thread_id'] : null;
Post Reply