Tips & Tricks: Input Filtering, Part 1 by Ben Ramsey

Tips & Tricks: Input Filtering, Part 1: Why Filter
by Ben Ramsey
php|architect
July 2005

From the introduction:

This year has seen an increased focus on PHP security, and this is good for the language, developers, and business community. One phrase that comes to mind when discussing secure coding practices is Chris Shiflett’s mantra of ‘filter input, escape output.’ While we know what this means in a general sense, practical examples elude us. Ben Ramsey provides part one of his input filtering series, chock full of code examples.

5 Comments

SeeBQ July 23, 2005 at 17:47

Nice work Ben! I picked up this mag on-line just the other day. Keep up the good work!

Chris Shiflett July 28, 2005 at 19:55

Maybe we should come up with an acronym for that - FIEO. Everyone loves acronyms. :-)

Christian July 30, 2005 at 12:14

I patented "FIEO" weeks ago ;-)

Les October 23, 2005 at 09:45

Any chance you could find it in yourself to publish outside php|arch since not all of us developers are subscribers, and do not warrent the subscription :eek:

Thank you.

Ben Ramsey October 23, 2005 at 15:12

Les, the problem with a technology magazine (any of them, as I understand it) is that the magazine owns the copyright on the articles/columns that authors publish in them. The copyright does not revert back to the author like it does in so many other markets. In short, I don't have the right to publish my articles anywhere else because I no longer own them.

However, the good folks at _php|architect_ may be willing to work with me on this, as they have done with Chris Shiflett, so I'll look into it and see what kind of agreement we can come to.

Thanks for your interest.