Why is better to use filter_input()? Why is better to use filter_input()? php php

Why is better to use filter_input()?


php security filter

It's not. $_GET, $_POST, $_COOKIE and $_REQUEST are filtered with default filter. filter_input(INPUT_POST, 'pwd') without additional parameters also uses the default filter. So there is no difference at all.

php security filter

Any data which is sent from the client (such as POST data) should be sanitized and escaped (and even better, sanity-checked) to ensure that it isn't going to kill your website.

SQL Injection and Cross-site scripting are the two largest threats for failing to sanitize your user-sent data.

php security filter

It is not better.

Please see docs on filter_input http://www.php.net//manual/en/function.filter-input.php

and click the "Types of Filters" link.http://www.php.net/manual/en/filter.filters.php

I have only ever used the integer filter ...

$user_id = filter_input(INPUT_POST, 'user_id', FILTER_SANITIZE_NUMBER_INT);$user = abs($user_id); // To get rid of any +/-

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last