PHP文献译文[原创]

《PHP文献译文[原创]》由会员上传分享，免费在线阅读，更多相关内容在教育资源-天天文库。

1、TranslatedBySissiZengInputValidationUsingFilterFunctionsI’dliketostartoffthisarticlebythankingyouformakingiteventhisfar.I’mfullyawarethat“InputValidationUsingFilterFunctions”isn’texactlythesexiestarticletitleintheworld!FilterfunctionsinPHPmightnotbesexy,buttheycan

2、improvethestability,security,andevenmaintainabilityofyourcodeifyoulearnhowtousethemcorrectly.InthisarticleI’llexplainwhyinputvalidationisimportant,whyusingPHPsbuilt-infunctionsforperforminginputvalidationisimportant,andthenthrowtogethersomeexamples(namelyusingfilt

3、er_input()andfilter_var()),discusssomepotentialpitfalls,andfinishwithanice,juicycalltoaction.Soundgood?Let’sgo!lWhyInputValidationisImportantInputvalidationisoneofthemostimportantthingsyoucandotoensurecodesecuritybecauseinputisoftentimestheonethingaboutyourapplica

4、tionyoucannotdirectlycontrol.Becauseyoucannotcontrolit,youcannottrustit.Unfortunately,asprogrammersweoftenwritethingsthinkingonlyofhowwewantthemtowork.Wedon’tconsiderhowsomeoneelsemightwanttomakethemwork–eitheroutofcuriosity,ignorance,ormalice.Iamnotgoingtogointot

5、oomuchdetailaboutthetroubleyoucangetintoifyoudonotvalidateuserinput;there’sareallygoodarticleonthisverysitecalledPHPSecurity:Cross-SiteScriptingAttacksifyouwanttoreaduponit.ButIwillsaythatvalidatingyourinputisthefirststeptoensuringthatthecodeyouhavewrittenwillbeex

6、ecutedasintended.MaybeyouarecomingtoPHPfromanotherlanguageandyoumightbethinking,“thiswasneveranissuebeforesowhyshouldIcare?”ThereasonvalidationisanissueisbecausePHPislooselytyped.ThismakesPHPgreatforsomethings,butitcanmakethingslikedatavalidationalittlebittrickier

7、becauseyoucanprettymuchpassanythingtoanything.lWhyUsingBuilt-inMethodsisImportantInordertotryandmakevalidationalittlebiteasier,fromPHP5.2.0onwardwecannowusethefilter_input()andfilter_var()functions.I’lltalkabouttheminmoredetailsoon,butfirstIwanttotalkaboutwhywesho

8、uldbeusingPHPprovidedfunctionalityinsteadofrelyingourownmethodsorthird-partytools.Whenyourollyourownvalidationmethods,yougenerallyfallintothesametraptha