==== General Input Filtering Guidelines ====
* Filter all input properly.
* After filtering, store things in arrays that make sense:
** $sql - array of SQL-safe variables.
** $clean - array of raw but trusted variables.
* Do not escape these for HTML output; that is handled by Smarty's |escape function, and does not need to happen in your PHP scripts.
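A request handler that follows these conventions, as an added example that is not from the wiki page or its project; the users table, the field names and the in-memory SQLite connection are assumptions made so the script runs stand-alone:

```php
<?php
// Added example, not code from the wiki page: one handler using the
// $clean / $sql convention. Table, field names and the SQLite connection
// are assumptions so the script runs offline.

function filter_input_arrays(array $input, PDO $db): array
{
    $clean = [];   // validated but raw values: what templates receive
    $sql   = [];   // the same values quoted for SQL string context only

    // Whitelist-style validation: accept only the format each field may take.
    if (!isset($input['username'])
        || !preg_match('/^[a-z0-9\'._-]{1,32}$/i', $input['username'])) {
        throw new InvalidArgumentException('invalid username');
    }
    $clean['username'] = $input['username'];

    if (!isset($input['age']) || !ctype_digit($input['age']) || (int) $input['age'] > 150) {
        throw new InvalidArgumentException('invalid age');
    }
    $clean['age'] = (int) $input['age'];

    // $sql is derived from $clean, never from the request directly.
    $sql['username'] = $db->quote($clean['username']);   // -> 'o''brien'
    $sql['age']      = $clean['age'];                     // integer, no quoting needed
    return ['clean' => $clean, 'sql' => $sql];
}

$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE users (name TEXT, age INTEGER)');

// Constructed stand-in for $_POST so the example runs offline.
$request = ['username' => "o'brien", 'age' => '42'];
['clean' => $clean, 'sql' => $sql] = filter_input_arrays($request, $db);

$db->exec("INSERT INTO users (name, age) VALUES ({$sql['username']}, {$sql['age']})");
$row = $db->query('SELECT name, age FROM users')->fetch(PDO::FETCH_ASSOC);
assert($row['name'] === "o'brien" && $row['age'] == 42);

// Hand the raw, trusted values to the view; HTML escaping is left to the
// template ({$username|escape}), exactly as the guideline says.
if (class_exists('Smarty')) {
    $smarty = new Smarty();
    $smarty->assign('username', $clean['username']);
    $smarty->assign('age', $clean['age']);
    $smarty->display('profile.tpl');   // profile.tpl: Hello, {$username|escape}
}
```

The same $clean values would be reused unescaped for any other output context (mail, logs, JSON), each of which applies its own escaping; only $sql carries SQL-specific quoting.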