Filtering regular expressions from malicious users.

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
rabw
Forum Newbie
Posts: 18
Joined: Tue May 29, 2007 5:57 pm

Filtering regular expressions from malicious users.

Post by rabw »

Hi everyone,

Firstly apologies if this is not a problem, I can't find anything extensive to say it is or isn't anywhere... only a few places I've stumbled upon say don't allow a user to enter things such as ";rm...." etc etc.

I wouldn't be surprised if this is an old thing, and by default newer versions of php are now setup to disallow anything that is potentially so harmful?

If this is something to watch out for, does anyone know of any tutorials anywhere that include a conclusive list of expressions that should be filtered out?

Thanks in advance.
Richard
Post Reply