FIEO: Filtering Input with PHP’s Filter Functions

Brand-new PHP developers have drilled into their heads the concept of Filter Input, Escape Output (FIEO). This concept essentially insists that all user-provided content be filtered or escaped, without exception. With the delivery of PHP 5.2.0, this got a lot easier, because PHP included, by default, the Filter library.

Before the Filter library, doing something such as validating an email address often required an ugly regular expression along the lines of this:


Friday, August 28th, 2009 @ 6:30 am | Comment (21) | Categories: Best Practices, PHP 5
Tags: , ,

Copyright © 2024 by Brandon Savage. All rights reserved.