Paul Jones' Blog: Sanitation with PHP filter_var()
In working on a new filter for his Solar framework, Paul Jones discovered that the "float" sanitizer in the new filter extension (PHP 5.2+) doesn't quite work as expected. I found a problem with the...
Mattias Geniar's Blog: Input Validation: Using filter_var() Over Regular...
This recent post to Mattias Geniar's blog takes a look at an alternative to trying to catch every single thing that could be filtered on user input with a regular expression - the filter_var function....
HashBangCode.com: Revisiting filter_var() and FILTER_VALIDATE_URL
On the HashBangCode.com site today there's a new post that revisits filtering with the filter_var function included with the language. The focus in this article is specifically on validating URLs...
DreamInCode.com: Preventing PHP Mail(...) Header Injections
On the Dream In Code forums there's a recent post showing you how to prevent mail() header injections when taking user input, like from a form. PHP's mail() function is a very useful and powerful...
PHPMaster.com: Input Validation Using Filter Functions
On PHPMaster.com today there's a good tutorial that gives you some methods to do one of the most important things in any application - validating input. Their examples show how to use some of PHP's...
David Müller: Why URL validation with filter_var might not be a good idea
David Müller has a new post to his site today showing why validating URLs with filter_var is a good thing for the security of your application. Since PHP 5.2 brought us the filter_var function, the...