Re: Easier way to clean GET Variables ?

Chris Shiflett wrote:
> Graham Anderson wrote:
>
> > Is there a way to loop thru all of these GET requests by:
> > putting the GET variables into an array
> > processing the variable strings with trim/striptags/etc in a loop
> > exploding the variables back out into separate variables
> >
> > otherwise this gets a bit tedious
>
> Proper filtering is necessarily tedious. There is no way to filter a last name, a server name, a file name, an IP address, a ZIP code, and a comment with the same function. Those who try wind up creating a "lowest common denominator" filtering function, or they confuse filtering with escaping (as demonstrated by some of the replies).
>
> As a good friend of mine likes to say, you have to get your hands dirty.

Chris,

While I'm not disagreeing with your statements, the OP didn't ask specifically for filtering IIRC. His example usage of strip_tags() etc made me think that he just wanted to remove any security issues, which is why I (and several others) gave him the escaping functions.

While it's a bit annoying to find someone's put their email address in their postal address field, it's not a security issue in most contexts. That's not to say that proper filtering for such problems isn't very useful though.

Jasper

--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
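
The distinction this thread draws between per-field filtering and escaping for output, as an added example that is not part of the original messages. The field names, validation rules and sample values are assumptions, and the code is written for PHP 7.4 or later.

```php
<?php
// Added example, not code from the thread. Field names and rules are assumptions.
// Filtering: one allow-list rule per field, because no single rule fits them all.
function field_rules(): array
{
    $label = '[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?'; // one hostname label
    return [
        'last_name'   => fn($v) => preg_match('/^\p{L}[\p{L} \'-]{0,49}$/u', $v) === 1,
        'server_name' => fn($v) => strlen($v) <= 253
            && preg_match('/^' . $label . '(?:\.' . $label . ')*$/i', $v) === 1,
        'file_name'   => fn($v) => preg_match('/^[A-Za-z0-9_-]{1,64}\.[A-Za-z0-9]{1,8}$/', $v) === 1,
        'ip'          => fn($v) => filter_var($v, FILTER_VALIDATE_IP) !== false,
        'zip'         => fn($v) => preg_match('/^\d{5}(-\d{4})?$/', $v) === 1,
        // Free text: bound the length and reject control characters, nothing more.
        'comment'     => fn($v) => preg_match('/^[^\x00-\x08\x0B\x0C\x0E-\x1F]{1,2000}$/u', $v) === 1,
    ];
}

// Returns [clean values, names of rejected fields]. Input keys without a rule are ignored.
function filter_request(array $input): array
{
    $clean = $rejected = [];
    foreach (field_rules() as $field => $isValid) {
        $raw = $input[$field] ?? null;
        // Values can arrive as arrays (?zip[]=1); only strings are accepted.
        $value = is_string($raw) ? trim($raw) : null;
        if ($value !== null && $isValid($value)) {
            $clean[$field] = $value;
        } else {
            $rejected[] = $field;
        }
    }
    return [$clean, $rejected];
}

// Constructed sample standing in for $_GET.
$get = [
    'last_name'   => "O'Brien",
    'server_name' => 'www.example.com',
    'file_name'   => '../notes.txt',
    'ip'          => '192.0.2.10',
    'zip'         => '12345',
    'comment'     => '<b>nice</b> post',
];
[$clean, $rejected] = filter_request($get);
echo 'rejected: ', implode(', ', $rejected), "\n";
// Escaping is a separate step, chosen for the output context (HTML here).
echo htmlspecialchars($clean['comment'], ENT_QUOTES, 'UTF-8'), "\n";
```

The comment passes its filter with the markup intact, so it is the escaping step, not the filter, that makes it safe to print into HTML.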

