Become a Patron!

My Amazon wishlist can be found here.

Life Line

Input Filter

With the extreme amount of security holes in PHP applications it looks like PHP is too blame. I don't agree with that statement as it's always up to the developers of those Great Project to write solid applications, not PHP.

This does not mean that PHP can't offer better functionality to allow users deal with input parameters more safely. Point #3 of Rasmus' PHP 6 Wishlist is a filter extension to replace the arcane input handling functionality that is in PHP now. Although it's very flexible, using input validation is still a fine art. With input from many others, I wrote an RFC for the filter extension, which you can find online here . We will also be using this in a library component for eZ publish, as part of our Component library.


This article has a short URL available:


No comments yet

Add Comment


Will not be posted. Please leave empty instead of filling in garbage though!

Please follow the reStructured Text format. Do not use the comment form to report issues in software, use the relevant issue tracker. I will not answer them here.

All comments are moderated