regex - PHP are patterns still necessary or does filter_var take care of it all -


as reading article morning came across this

most people tend think of data validation immensely tedious process 1 either:

compares data want validate against every possible combination can think of. tries find golden regular expression match every possible combination.
a combination of two.
there obvious problems above listed:

it's absolutely time consuming. there high chance of error. fortunately, beginning version 5.2, php has included great function called filter_var takes away pain of data validation.

are patterns still neccessary or filter_var all.

if patterns mean regular expressions, answer question yes. why? built in filters may not sanitize or validate data how want. filters may overly broad, or may conform rigidly standards particular circumstance. filters many not conform standards @ all.

for example, filter_sanitize_email , filter_validate_email might might allow strange email addresses that, while technically legal in rfc sense, may undesirable depending on needs. developer, creator of application, decide want accept e-mail address.

the php filter creators understood 1 size fits impractical proposition. therefore, can supply own sanitizing/validating filter filter_callback , own validating filter using filter_validate_regexp. @ square one? better off?

the real question willing buy in , accept "filtering framework/methodology" established php filter system. i? use filter system first pass, use own crafted sanitizers , validators (yes, use both filter_callback , filter_validate_regexp on top of generic sanitizers/validators). true me when processing html forms, no longer use $_post , $_get. use filter_input_array() .

so, mr. smithyyy, don't reinvent wheel, think yourself. key using php filter system create system, , (like me) means wrapping filter functions in class. using various class properties might store predefined filters, 1 imagine system various methods, using loops, filter data, leaving final output of array, or bad 1 (which can take action on, based on particular circumstance). but, mr. wall of perl community notes, "there's more 1 way it."


Comments

Post a Comment

Popular posts from this blog

angularjs - ADAL JS Angular- WebAPI add a new role claim to the token -

i have created angular spa webapi backend using adal js authentication.as there no roles in ad, need manually add role claims in order give users access different api controllers. the roles stored in database. expecting inject claim through call webapi after authentication ad. webapi code might this. identity.addclaim(new claim("role", "user")); var ticket = new authenticationticket(identity, props); var accesstoken = startup.oauthbeareroptions.accesstokenformat.protect(ticket); is possible replace adal idtoken new token? is viable solution or there other better way handle this? as initial token generated azuread, possible edit token add new claim? appreciated. graph api supporting group claims. see here: http://justazure.com/azure-active-directory-part-4-group-claims/ if @ examples on page, users assigned groups , app can check group in claims. in current version of portal, need app manifest , modify it.
Read more

php - CakePHP HttpSockets send array of paramms -

i problem when make request (i can request). $link = 'http://uri/path/?param1=1&sid=2&sid=3&sid=4' $http = $httpsocket = new httpsocket(); $res = $httpsocket->get($link); if check request pr($http); i see : [line] => /url/path/?param1=1&sid%5b0%5d=2&sid%5b1%5d=3&sid%5b2%5d=4 http/1.1 and i'm getting empty response because server doesn't know parameters sid%5b0%5d=2 when try send parameters array : $data = array('param1' => '1', 'sid' => array('2','3', '4')); i see same changes %5b0%5d - additional indexes. how fix it? unfortunately , can not change server side, if send request in browser, i'll normal response in json format. when make request, can parameters this: $param1 = $_get['param1']; $sid= $_get['sid']; tip: use diferente names parameters. have multiples sid. use sid1, sid2, sid3... update: can parameters this:
Read more

node.js - Using Node without global install -

i'm working on few node & electron (atom shell) projects , i'm curious how them work without user having install node globally. i've seen few applications including node directory in project contains node.exe binary. how go setting node project use binary? edit: thought should add, i've searched everywhere answer this, unrelated results.
Read more