View Full Version : Variable declaration and sanitization!
v0xb0x
07-04-2008, 05:09 AM
I have a series of variables I am declaring in a plug-in that fires in global_start.
These variables are all strings.
What is the best way to sanitize the variables? Currently, I am declaring them like this:
$ccDiscVar = '';
$ccHomeVar = '';
$ccCaleVar = '';
$ccBaseCity = '';
$urlArray = '';
[CODE FOLLOWS]
Thanks for any comments.
Antivirus
07-04-2008, 05:39 PM
If you're getting them from $_POST, $_GET, or $_REQUEST, they should be cleaned using the $vbuletin->GPC class. There's a really good tuitorial in the articles section about this
Dismounted
07-05-2008, 06:14 AM
If you're getting them from $_POST, $_GET, or $_REQUEST, they should be cleaned using the $vbuletin->GPC class. There's a really good tuitorial in the articles section about this
You mean the input cleaner class ;), $vbulletin->input. $vbulletin->GPC simply holds cleaned values.
You can also clean any value you want, not just GPC (get, post, cookies), using the input cleaner.
v0xb0x
07-06-2008, 09:48 PM
You mean the input cleaner class ;), $vbulletin->input. $vbulletin->GPC simply holds cleaned values.
You can also clean any value you want, not just GPC (get, post, cookies), using the input cleaner.
Understood.
Thanks for the reply.
I'll investigate the article.
Appreciate the help.
vBulletin® v3.8.12 by vBS, Copyright ©2000-2024, vBulletin Solutions Inc.