
PHP sanitization question [closed]

开发者 https://www.devze.com 2023-01-28 08:39 Source: web
Closed. This question needs details or clarity. It is not currently accepting answers. Want to improve this question? Add details and clarify the problem by editing this post.

Closed 1 year ago.


I was wondering how would you sanitize the $_SERVER['REQUEST_URI'], $_POST['email'] and $url code in the code snippets below using PHP.

I'm using PHP Version 5.2.14

Code Snippets.

<form method="post" action="<?php $_SERVER['REQUEST_URI']; ?>">
</form>

$email = $_POST['email']; //Grabs the email address

$page_url = $url; //Grabs the pages url address.


Use filter_var functions.

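 // url: returns the URL string if it is well-formed, false otherwise
 $valid_url = filter_var($url, FILTER_VALIDATE_URL);
 // email: returns the address if it is well-formed, false otherwise
 $valid_email = filter_var('me@example.com', FILTER_VALIDATE_EMAIL);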


Except in some very particular cases you should never 'sanitize' input - only ever validate it. (Except in the very particular cases) the only time you change the representation of data is where it leaves your PHP - and the method should be appropriate to where the data is going (e.g. htmlentities(), urlencode(), mysql_real_escape_string()....).

(The filter functions referenced in other posts validate input - they don't change its representation.)
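
The rule from the answers above (validate on input, escape where the data leaves PHP) applied to the three values in the question, as an added example that is not part of the original thread. The helper names h(), valid_email() and valid_http_url() and the sample inputs are assumptions; the code avoids syntax newer than the PHP 5.2 the question mentions.

```php
<?php
// Added example; helper names are hypothetical, sample inputs are constructed.

// Output side: escape for the HTML context at the moment the value leaves PHP.
function h($value) {
    return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}

// Input side: validate without rewriting. Returns the address or false.
function valid_email($raw) {
    return filter_var($raw, FILTER_VALIDATE_EMAIL);
}

// FILTER_VALIDATE_URL checks syntax only and accepts any scheme,
// so add an allow-list for the schemes the page is willing to link to.
function valid_http_url($raw) {
    $url = filter_var($raw, FILTER_VALIDATE_URL);
    if ($url === false) {
        return false;
    }
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    return in_array($scheme, array('http', 'https'), true) ? $url : false;
}

// Constructed values standing in for $_SERVER['REQUEST_URI'], $_POST['email'] and $url.
$request_uri = '/signup.php?ref="><b>x</b>';
$post_email  = 'me@example.com';
$candidates  = array(
    'https://example.com/page?id=1',
    'javascript://example.com/x',   // well-formed for the filter, wrong scheme
    'not a url',
);

// REQUEST_URI is not validated here; it is escaped for the attribute it lands in.
echo '<form method="post" action="' . h($request_uri) . '">' . "\n";
echo "</form>\n";

$email = valid_email($post_email);
echo ($email === false) ? "email rejected\n" : 'email ok: ' . h($email) . "\n";

foreach ($candidates as $c) {
    $url = valid_http_url($c);
    echo ($url === false)
        ? 'url rejected: ' . h($c) . "\n"
        : '<a href="' . h($url) . '">' . h($url) . "</a>\n";
}
```

Even a validated value is still passed through h() when printed, because validation says the value is well-formed, not that it is safe in an HTML attribute.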
