Home  >  Article  >  Backend Development  >  Summary of points to note about filtering input

Summary of points to note about filtering input

零下一度
零下一度Original
2017-06-14 11:58:241614browse

Filter input Filtering is the foundation of web application security. It is the process by which you verify the legitimacy of your data. By ensuring that all data is filtered upon entry, you can prevent tainted (unfiltered) data from being mistrusted and misused in your program. Most vulnerabilities in popular PHP applications ultimately result from improper input sanitization. By filtering the input, I mean three distinct steps: l Identify the input l Filter the input l Distinguish between filtered and contaminated data The reason for identifying the input as the first step is because if you don't know what it is, you can't filter it correctly. Input refers to all data that comes from outside. For example, all

1 sent from the client. PHP Security-Filter Input

Summary of points to note about filtering input

##Introduction: Filtering input Filtering is the foundation of web application security. It is the process by which you verify the legitimacy of your data. By filtering all data with confirmation when entering, you can avoid tainted (unfiltered) data in...

2. Alipay red envelope password sharing simple php Sharing code for writing into database

Introduction: Sharing Alipay red envelope password: Sharing Alipay red envelope password Simple PHP writing into database code sharing: I don’t know if the original work should be written in the essay . All right, first blog post. There are three classes: 1. Filter input (lightweight) class input_filter is responsible for converting parameters, such as $_GET, $_POST. These filter return value types are arrays, which are used as parameters of the made_sql class. 2. Convert into SQL statements class made_sql parameters. The type is array and table name (string), the key name of the array is the column name of the table, the value is the inserted value, the return value type is string, used as

##3.

Dont stop til you get enough php security filter function code

Introduction: Dont stop til you get enough:Dont stop til you get enough php security filter function code: Copy code The code is as follows: //Secure filter input[jb] function check_str($string, $isurl = false) { $string = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F]/',' ',$string); $string = str_replace(array("","%00","r"

4.

php security filter function code_PHP tutorial

Introduction: PHP security filtering function code. Copy the code as follows: //Secure filtering input [jb] function check_str($string, $isurl = false) { $string = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F]/','',$string); $string

##5.

Simple PHP writing database class code sharing_PHP tutorial

##Introduction: Simple PHP writing database class code sharing. I don’t know if it is original and should be written in the essay. All right. The first blog post. There are three classes: 1. Filter input (lightweight) class input_filter is responsible for filtering parameters such as $_GET, $_POST

##6. Learn the essence of PHP and write efficient PHP code safely_PHP tutorial

Introduction: Learn the essence of PHP and write efficient PHP code safely 1. Filter input and avoid output. Sometimes we abbreviate the phrase filter input, avoid output as FIEO, which has become a security mantra for PHP applications. 1. Use ctype to verify ctype:

7. php Detailed explanation and prevention of SQL injection_PHP tutorial

Introduction: Detailed explanation and prevention of SQL injection in PHP. One is that the input data is not filtered (filtered input), and the other is that the data sent to the database is not escaped (escaped output). These two important steps are indispensable

8. How to use PHP to filter metacharacters contained in input content

Introduction: How to use PHP to filter the metacharacters contained in the input content How to use PHP to filter the metacharacters contained in the input content ------Solution-------- ------------What metacharacters need to be filtered to solve the problem, such as '/?+/',$str ------Solution--------------------Sajia is very good at this. Sajia is here to help you. Hero, what function do you want to achieve? Regular expression () greedy.*Not greedy.*?An

9. php insurance filter function code

Introduction: php security filter function code php security filter function code to prevent users from malicious input. //Secure filter input[jb]function check_str($string, $isurl = false){$string = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F]/','',$ string);$string = st

10. How to use PHP to filter metacharacters contained in input content

Introduction: How to use PHP to filter the metacharacters contained in the input content How to use PHP to filter the metacharacters contained in the input content ------Solution------------ --------What metacharacters need to be filtered to solve the problem such as '/?+/',$str------Solution----------------------------- ----Sajia is very good at this. Sajia is here to help you. Hero, what function do you want to achieve? Regular expression () greedy.* Not greedy.*? Anxing

[Related Q&A recommendation]:

How to turn off automatic input filtering in php and output

The above is the detailed content of Summary of points to note about filtering input. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn