Protected from injection? You decide.

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

User avatar
Mordred
DevNet Resident
Posts: 1579
Joined: Sun Sep 03, 2006 5:19 am
Location: Sofia, Bulgaria

Re: Protected from injection? You decide.

Post by Mordred »

1. Nah, you'll forget to remove it, or miss a place or two in the code. trigger_error() is the way (it is controlled by the same error reporting mechanisms that should let error reporting be on in development and off on release)
2. Yes, but it may not suit the business logic all the time. You gotta be careful when you apply this.
Post Reply