appdb security
Christoph Frick
frick at sc-networks.de
Fri Jun 9 02:26:27 CDT 2006
On Thu, Jun 08, 2006 at 06:44:15PM -0500, EA Durbin wrote:
> function makeSafe( $var )
> {
> $var = trim( addslashes( $var ) );
> return $var;
> }
>
>
> $clean['var1'] = makeSafe( $_REQUEST['var1'] );
> $clean['var2'] = makeSafe( $_REQUEST['var2'] );
sorry for only throwing things at you guys and not providing any code -
but i am currently packed with work :/
why don't you create an object that wraps the request and makes it "safe".
then fixing the app is not more like sed action and you can handle stuff
in future as you like:
$_REQUEST[(['"][^'"]+['"])] -> Request::get(\1)
--
cu
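A sketch of the wrapper object suggested in the message above, as an added example that is not part of the original post or of the appdb code base. Only the name `Request::get` comes from the message; `setSource`, `getInt` and the validation policy are assumptions made for illustration.

```php
<?php
// Added illustration: one choke point for request input, so the policy can
// change in a single place after the sed rewrite to Request::get(...).
// setSource() and getInt() are hypothetical helpers, not appdb functions.
final class Request
{
    /** Input array to read from; null means "use $_REQUEST". */
    private static ?array $source = null;

    // Lets a test or CLI run inject constructed input.
    public static function setSource(array $input): void
    {
        self::$source = $input;
    }

    // Target of the sed rewrite: returns a trimmed string or $default.
    public static function get(string $key, ?string $default = null): ?string
    {
        $src = self::$source ?? $_REQUEST;
        $value = $src[$key] ?? null;
        // Reject arrays (e.g. var1[]=x) so callers never see a surprise type.
        if (!is_string($value)) {
            return $default;
        }
        // Assumed policy: strip NUL bytes and surrounding whitespace only.
        // Escaping is left to the layer that builds the SQL or HTML.
        return trim(str_replace("\0", '', $value));
    }

    // Strict integer accessor for ids; anything non-numeric yields $default.
    public static function getInt(string $key, ?int $default = null): ?int
    {
        $value = self::get($key);
        if ($value === null) {
            return $default;
        }
        $int = filter_var($value, FILTER_VALIDATE_INT);
        return $int === false ? $default : $int;
    }
}

// Constructed sample input, not taken from the thread.
Request::setSource(['var1' => '  42 ', 'var2' => ['x'], 'var3' => '1 OR 1=1']);
var_dump(Request::get('var1'));    // plain value, whitespace removed
var_dump(Request::get('var2'));    // array input is refused
var_dump(Request::getInt('var1')); // accepted as an integer
var_dump(Request::getInt('var3')); // injection-style string is refused
```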