Wednesday 5 June 2019

php - Why is better to use filter_input()?



This should be a elementary question but why is better to use something like this:



$pwd = filter_input(INPUT_POST, 'pwd');



Instead of just:



$pwd = $_POST['pwd'];


PS: I understand that the filter extension can be used with more arguments to provide an additional level of sanitization.


Answer



It's not. $_GET, $_POST, $_COOKIE and $_REQUEST are filtered with default filter. filter_input(INPUT_POST, 'pwd') without additional parameters also uses the default filter. So there is no difference at all.



-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

php - file_get_contents shows unexpected output while reading a file

I want to output an inline jpg image as a base64 encoded string, however when I do this : $contents = file_get_contents($filename); print &q...