Jump to content
jimfog

netbeans message about superglobal arrays

Recommended Posts

I am using netbeans to code PHP...when using a superglobal array such as $_POST for example I get frequent the message that I should not access them directly for security reasons.

I know the reason behind that and and the solution(filter_input).

 

The question is if it is so safety critical that I should use filter_input in superglobals.

Where it is critical,such as in database inserts I use prepared statements...but what about in other cases?

Such as this for example:

   if(trim($_POST['email'])=='')
            {
        //do this
          
            }

Must I use a filtering function?

Share this post


Link to post
Share on other sites
4 hours ago, dsonesuk said:

If the code is not sanitized and printed to page it could print malicious code.

Ι assume that this means using after all filter_input()

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...