WebApp Sec mailing list archives

Re: PHP variable sanitization functions


From: Slow2Show <sl2sho () yahoo com>
Date: 27 Aug 2003 01:33:41 -0000

In-Reply-To: <20030826112339.9708.qmail () operamail com>

// sanitize_int($integer) -- input integer, returns ONLY the integer (no extraneous
//           characters
// sanitize_float($float) -- input float, returns ONLY the float (no extraneous
//           characters)

any reason those are needed? why can't we just cast? it is shorter and 
faster...and gets the same result!

echo    "A forced integer=" . (int)$_GET['int_var'] ."\n".
        "a forced float=" . (float)$_GET['float_var'] . "\n";

lata,

-Slow2Show-
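
As an added example (not part of the original post or of the sanitize functions under discussion), the PHP below runs the casts from the message next to a strict validator over constructed inputs, so the difference between coercing a malformed value such as `42abc` and rejecting it is visible. The helper name `strict_number` and the sample values are assumptions, and the code assumes PHP 7.1 or later.

```php
<?php
// Constructed sample inputs standing in for $_GET values (not from the post).
// The last entry mimics a request such as ?int_var[]=1&int_var[]=2.
$samples = ['42', '42abc', 'abc', '', '3.9', ['1', '2']];

// Hypothetical helper: return the parsed number only when the whole input is
// a well-formed int/float according to filter_var(); otherwise return null.
function strict_number($value, int $filter)
{
    if (!is_string($value)) {
        return null;                    // arrays and other non-strings are refused
    }
    $parsed = filter_var($value, $filter);
    return $parsed === false ? null : $parsed;
}

// Render a result for the report; null means the validator refused the input.
function show($result): string
{
    return $result === null ? 'rejected' : var_export($result, true);
}

foreach ($samples as $raw) {
    // The casts from the post: they always produce a number, whatever came in.
    $castInt   = (int)$raw;
    // (float) on an array is not meaningful, so only cast scalars here.
    $castFloat = is_array($raw) ? 'n/a' : var_export((float)$raw, true);

    printf(
        "input=%-10s (int)=%-4s (float)=%-6s strict int=%-9s strict float=%s\n",
        json_encode($raw),
        var_export($castInt, true),
        $castFloat,
        show(strict_number($raw, FILTER_VALIDATE_INT)),
        show(strict_number($raw, FILTER_VALIDATE_FLOAT))
    );
}
```

Run it with `php` on the command line: rows where the cast column holds a number and the strict column says `rejected` are the inputs a cast silently accepts.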

