Re: Storing user entered data in the session

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The data is displayed on the screen, and the user can change it as many
times as they want.
What do you think now Ash?


Mike

On Tue, Feb 16, 2010 at 9:29 AM, Ashley Sheridan
<ash@xxxxxxxxxxxxxxxxxxxx>wrote:

>  On Tue, 2010-02-16 at 09:07 -0500, Mike Alaimo wrote:
>
> Can anyone guide me here?  I have the desire to store user entered
> data into the session.  I am regexing it to be only a-zA-z0-9 and a
> space.  The data is stored in an object and then serialized before
> storing it into the session.  Does anyone see any potential security
> risks here?
>
> Thanks,
>
> Mike
>
>
>
> I think you're fine, I can't see any problems. I think most of the time you
> have to worry when you're actually doing something with the data, like
> inserting it into a file or database, or outputting it to a screen, as these
> are the times that injections can take place.
>
>   Thanks,
> Ash
> http://www.ashleysheridan.co.uk
>
>
>

[Index of Archives]     [PHP Home]     [Apache Users]     [PHP on Windows]     [Kernel Newbies]     [PHP Install]     [PHP Classes]     [Pear]     [Postgresql]     [Postgresql PHP]     [PHP on Windows]     [PHP Database Programming]     [PHP SOAP]

  Powered by Linux