
Clean POST and GET variable with Symfony


So basically, when it comes to sanitizing input, it should not be a part of the Request. This is because sanitized input is really only a part of the security of your database.

As such, input is sanitized by Doctrine when it's passed to Doctrine. Basically, Doctrine automatically makes sure all input is sanitized. In a broader sense, it is the responsibility of your Database Abstraction Layer to make sure that data passed to it is valid.

The same holds true for Propel.

So what I'm saying is that input sanitizing is not the responsibility of the Request object, so it does not provide the functionality to do so. This is in line with the Single Responsibility Principle, which you can read more about here: http://en.wikipedia.org/wiki/Single_responsibility_principle

If you want to validate data that is received through a Request, you can use the Validator Component to do so; there is also a Silex ServiceProvider for it: https://github.com/symfony/Validator

TL;DR: Sanitizing input is not the responsibility of the Request; it is the responsibility of your DBAL (Database Abstraction Layer).
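
Added example (not part of the original answer, and not Symfony's or Doctrine's own code) showing the split of responsibilities described above: the Request hands over the raw value, the Validator component checks it, and Doctrine DBAL keeps it out of the SQL text by binding it as a parameter. It assumes `symfony/http-foundation`, `symfony/validator` and `doctrine/dbal` (3 or later) installed with Composer, PHP 8 and the `pdo_sqlite` extension; the `users` table, the route and all values are constructed for the demonstration.

```php
<?php
// Added example; table, route and input values are constructed.
require __DIR__ . '/vendor/autoload.php';

use Doctrine\DBAL\DriverManager;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Validator\Constraints as Assert;
use Symfony\Component\Validator\Validation;

// Constructed request: the Request object returns the value exactly as sent.
$request = Request::create('/users', 'GET', ['name' => "nobody' OR '1'='1"]);
$name = (string) $request->query->get('name', '');

// 1. Validation (Validator component): is this an acceptable user name at all?
$violations = Validation::createValidator()->validate($name, [
    new Assert\NotBlank(),
    new Assert\Length(max: 32),
    new Assert\Regex(pattern: '/^[A-Za-z0-9_.-]+$/', message: 'Unexpected characters in name.'),
]);
foreach ($violations as $violation) {
    echo 'rejected: ', $violation->getMessage(), PHP_EOL;
}

// 2. Database layer: in-memory SQLite with two constructed rows.
$conn = DriverManager::getConnection(['driver' => 'pdo_sqlite', 'memory' => true]);
$conn->executeStatement('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$conn->insert('users', ['name' => 'alice']);
$conn->insert('users', ['name' => 'bob']);

// Bound parameter: DBAL sends the value separately from the SQL text,
// so it is compared as one literal string and never parsed as SQL.
$bound = $conn->fetchAllAssociative(
    'SELECT name FROM users WHERE name = :name',
    ['name' => $name]
);

// String concatenation bypasses that protection even though the query still
// goes through Doctrine: the value becomes part of the SQL text itself.
// Shown only for contrast with the bound form above.
$concatenated = $conn->fetchAllAssociative(
    "SELECT name FROM users WHERE name = '" . $name . "'"
);

printf("rows via bound parameter: %d\n", count($bound));
printf("rows via concatenation:   %d\n", count($concatenated));
```

In an application the query would only run when `$violations` is empty; both queries run here so the difference between binding and concatenation is visible on the same input.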