Secure Development for Mobile Apps

by J. D. Glaser
October 2014
Content level: Intermediate to advanced
472 pages
10h 44m
English
Auerbach Publications
Content preview from Secure Development for Mobile Apps
is the fastest implementation of a query. A speedy legacy equivalent to the PDO
implementation would be:
$id = intval($_GET['id']);
$result = mysql_query("SELECT name FROM users WHERE id = $id");
Explicitly casting to an integer type is also safe. A cast to an integer in PHP is done
like this:
$id = (int)$_GET['id'];
$result = mysql_query("SELECT name FROM users WHERE id = $id");
The output is:
SELECT name FROM users WHERE id = 55
After the cast, $id is a numeric integer and no longer a string representation.
Anypart that is not numeric is removed. Quoting and escaping are not needed as long
as the parameter is indeed an actual integer. Again, not a best practice, but important
to know and understand. e lack ...
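
The cast described above, run against constructed inputs, as an added example that is not code from the book. Assumptions: an in-memory SQLite database reached through PDO stands in for the legacy mysql_query() calls so the script runs offline, the sample strings stand in for $_GET['id'], and the filter_var() check is an addition for comparison that the excerpt does not mention.

```php
<?php
// Added example: how (int) coerces request input before it is
// interpolated into SQL. All inputs below are constructed samples.
// Assumption: an in-memory SQLite table stands in for the page's MySQL
// `users` table (requires the pdo_sqlite extension).

$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (id, name) VALUES (0, 'placeholder'), (55, 'alice')");

// Constructed stand-ins for $_GET['id'].
$samples = ['55', '55 OR 1=1', "55'; --", 'abc', ''];

foreach ($samples as $raw) {
    // Cast, as on the page: only a leading integer prefix survives, and
    // input with no numeric prefix becomes 0 instead of raising an error.
    $id  = (int)$raw;
    $sql = "SELECT name FROM users WHERE id = $id";
    $row = $db->query($sql)->fetchColumn();

    // Strict alternative: reject anything that is not a whole integer,
    // so malformed input is refused instead of silently mapped to 0.
    $valid = filter_var($raw, FILTER_VALIDATE_INT);

    printf(
        "%-13s cast=%-3d sql=[%s] row=%s strict=%s\n",
        var_export($raw, true),
        $id,
        $sql,
        var_export($row, true),
        $valid === false ? 'rejected' : (string)$valid
    );
}

// Prepared statement: the value is bound as an integer parameter and
// never becomes part of the SQL text.
$stmt = $db->prepare('SELECT name FROM users WHERE id = :id');
$stmt->bindValue(':id', (int)'55 OR 1=1', PDO::PARAM_INT);
$stmt->execute();
var_dump($stmt->fetchColumn());
```

The row for id 0 is there to make the coercion visible: inputs with no numeric prefix still produce a valid query, just for a different id than the caller sent.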

Publisher Resources

ISBN: 9781482209037