Abstract
Your users’ data is useless if it isn’t used. And yet, paradoxically, that data is endangered by the very act of accessing it. Particularly dangerous are the accesses occasioned by users’ queries, submitted typically via form input. Legitimate users may accidentally make requests that turn out to be dangerous; illegitimate users will carefully craft requests that they know are dangerous, hoping that they can slip them past you.
Copyright information
© 2010 Chris Snyder, Thomas Myer, and Michael Southwell
About this chapter
Cite this chapter
Snyder, C., Myer, T., Southwell, M. (2010). Validating and Sanitizing User Input. In: Pro PHP Security. Apress, Berkeley, CA. https://doi.org/10.1007/978-1-4302-3319-0_2
DOI: https://doi.org/10.1007/978-1-4302-3319-0_2
Publisher Name: Apress, Berkeley, CA
Print ISBN: 978-1-4302-3318-3
Online ISBN: 978-1-4302-3319-0
eBook Packages: Professional and Applied Computing; Apress Access Books; Professional and Applied Computing (R0)