PHPDeveloper.org: Michael Girouard's Blog: FIEO with PHP 5 Interceptors

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: Vermont Information Processing Seeks Senior/Lead PHP Developer (Burlington, VT)

Job Posting: Mediware Blood Center Technologies Seeks PHP Software Developer (Jacksonville, FL)

PHP Zone: Can Learning Drupal Get You a Job?

Job Posting: Tilllate Media Seeks Senior PHP Developer (Glasgow, UK)

Job Posting: Agency Matrix Seeks Senior Application Developer (Addison, TX)

Job Posting: HUGE Seeks Freelance Zend/WordPress Developer (Brooklyn, NY)

Job Posting: Abbott Laboratories Seeks PHP Developer (Irving, TX)

Job Posting: BetFair Seeks Lead Software Engineer (Web)

Job Posting: Uplifting Innovations Seeks Lead PHP Developer (Portland, OR)

Job Posting: Ganz Seeks PHP Developer (Toronto, Ontario)

News Archive

P'unk Avenue Blog: Faster, PHP! Kill! Kill!

Jack Diederich's Blog: Comparing the Ruby/PHP/Python C Interpreters

Kovshenin.com: The Web Development Cycle Explained

Joomla Community Site: Creating a Joomla Template From Scratch

PHPBuilder.com: Ajax and PHP: The Simple Way

php|architect: oddWeek Episode #5

Chris Hartjes' Blog: Expand your programming mind: filters in Lithium

Raphael Stolt's Blog: Using MongoHq in Zend Framework based applications

Brian Swan's Blog: Consuming "Dallas" Data with PHP

Community News: Latest Releases from PHPClasses.org

Michael Girouard's Blog:
FIEO with PHP 5 Interceptors

by Chris Cornutt November 08, 2007 @ 08:41:00

Michael Girouard has a post on his blog about something that's becoming more and more wide-spread in the PHP community (thankfully) - filtering input from users and escaping the output to ensure the safety of your application.

The idea itself is simple. When data comes into your application, it must be filtered prior to it actually being used for any reason. This means all data. Form values, URL values, and yes, even the values in the forever useful $_SERVER superglobal. [...] Before leaving your application, data should be properly escaped with the specific output medium in mind.

Previously he showed how, using an interceptor method in PHP5, you could build "collections of data". He uses the same sort of method here, appling custom filters to the data based on the output call. Code is included for both the filtering interface and two example filters - one for SQL and the other for HTML.

You can also grab the code if you just want to play with that.

0 comments voice your opinion now!
fieo php5 interceptor filter input escape output fieo php5 interceptor filter input escape output

Similar Posts

Christopher Jones' Blog: Time for testing the final PHP 5.2 release

DevShed: Fetching Search Results as Serialized Arrays with Yahoo Web Services and PHP 5

PHPJack: Zend Framework's Future

DevShed: Simulating Events with PHP 5

Symfony Blog: Security must be taken seriously

Community Events

Don't see your event here?
Let us know!

All content copyright, 2010 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework