I have been working with PHP for some time and I started asking myself if I had good habits I am developing.
One of these is that I get more and more on PHP encryption methods in belive, for example, a user registers through a form, and I get the following post variable:
$ _ POST [name '] , $ _ POST [' email '] and $ _ POST [' captcha '] . Now, what I usually do, apparently secures the data that I will keep in mysql, but when comparing the captcha, I also synchronize this.
So I think that I thought PHP sanitizing wrong, I'm curious, is there any other matter when you want to synchronize the data except when using it to keep some space in MySQL (note I know that sanitation is necessary to stop XTS attacks) and besides, everybody has a habit of sanitizing the variables coming from every user's input, is it bad?
Whenever you store your data in a location, and if that data is read (not available) for users So, you have to converge it, something that might change the user experience (not necessarily just the database) should be kept in mind, generally, all user inputs are considered unsafe, but in the next paragraph you will see that some Things Still Unredo Can be bitten, though I do not recommend anything to it
The content that happens on the client is only better than UX (for user experience, from the point of view of safety - think of JS verification - it is useless because it is easily accessible, but it is non-malicious Helping users communicate better with the website) But basically, this is not a loss, because that data is lost (good or bad) as soon as the session closes. You can always delete a webpage (on your machine) for yourself, but the problem occurs when someone can do it for others.
To answer your question more directly - do not worry about it as much as possible. It is always better to be safe than sorry, and costs are generally not more than a few milliseconds.
Comments
Post a Comment