5 Input Validation
This chapter covers the concept of input validation and shows you practical ways to sanitize the data coming into your application. If you learn only one thing from this book, let it be this: If you sanitize each and every piece of data that comes into your application, you will prevent a lot of the most common types of attacks.
New Feature: Allow Users to Sign Their Guestbook Comments
So far we’ve kept things simple and allowed only one input field in the guestbook—a text area for comments. In this chapter, we’re going to give visitors the capability to enter their names as well.
Let’s take a look at the new feature code:
<?php// Create user interface$html = beginHtml();$html .= "Please enter your comment here: "; ...
Get Securing PHP Web Applications now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.