Validate url parameters in php [closed] Validate url parameters in php [closed] php php

Validate url parameters in php [closed]


php validation .htaccess url mod-rewrite

I would say to use these rules:

RewriteRule ^([a-z0-9]+)/?$ page.php?page=$1 [L,NC]RewriteRule ^property/([0-9]+)/?$ property.php?pid=$1 [L,NC]

this way if someone enters any characters other than letters and numbers (for pages) and numbers (for property) it will show a page not found.

If you want really to be sure, you can

$page = mysql_real_escape_string($_GET['page']); just make sure your database connection is open and you can cast the pid like $propertyid = (int)$_GET['pid'];

php validation .htaccess url mod-rewrite

i think with page parameter you should have a list of acept pages, then after get 'page', you check if 'page' is in accept list.For example :

$arr_pages = ('page1','page2','page3');$page = $_GET['page'];if(in_array($page,$arr_pages)){// do some thing}else{ // page not found}

And id :

$propertyid = intval($_GET['pid']);

hope this help :)

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last