Chapter 4. USING PHP FILTERS TO VALIDATE USER INPUT
Failure to validate user input adequately—or even at all—is one of the main reasons that PHP is sometimes seen as having weak security. Part of the blame lies with the image PHP has often promoted of itself as being "easy to learn." Books and tutorials aimed at beginners often concentrate on the bare essentials of gathering input from an online form and sending it by email. As a result, inexperienced users find their web sites subject to malicious attacks from SQL injection or email header injection.
The problem with validation is that it's a tedious process, usually involving a lengthy series of ...
Get PHP Object-Oriented Solutions now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.