WebApp Sec mailing list archives
Re: PHP variable sanitization functions
From: Slow2Show <sl2sho () yahoo com>
Date: 27 Aug 2003 01:33:41 -0000
In-Reply-To: <20030826112339.9708.qmail () operamail com> // sanitize_int($integer) -- input integer, returns ONLY the integer (no extraneous // characters // sanitize_float($float) -- input float, returns ONLY the float (no extraneous // characters) any reason those are needed? why can't we just cast? it is shorter and faster...and gets the same result! echo "A forced integer=" . (int)$_GET['int_var'] ."\n". "a forced float=" . (float)$_GET['float_var'] . "\n"; lata, -Slow2Show-
Current thread:
- Re: PHP variable sanitization functions, (continued)
- Re: PHP variable sanitization functions Ulf Harnhammar (Aug 26)
- Re: PHP variable sanitization functions Jan Pieter Kunst (Aug 26)
- Re: PHP variable sanitization functions Cameron Green (Aug 26)
- Re: PHP variable sanitization functions Jan Pieter Kunst (Aug 27)
- Re: PHP variable sanitization functions Cameron Green (Aug 27)
- Re: PHP variable sanitization functions Gavin Zuchlinski (Aug 28)
- Re: PHP variable sanitization functions Jean-Jacques Halans (Aug 29)
- Looking for coder.htm / ASCII encoder n30 (Aug 29)
- Re: PHP variable sanitization functions Jan Pieter Kunst (Aug 26)
- Re: PHP variable sanitization functions Ulf Harnhammar (Aug 26)
- Re: PHP variable sanitization functions Tim Tompkins (Aug 29)