Re: Filtering and Escaping (Was: Select and $_POST)

Posted by Ben Ramsey on 11/15/05 00:13

On 11/14/05 3:38 PM, Richard Lynch wrote:
> Perhaps one should use:
> $_ICLEAN
> $_OCLEAN
> for Input and Output.
>
> $kosher = '/[^A-Za-z0-9\',\.-]/';
> $_ICLEAN['first_name'] = preg_replace($kosher, '', $_GET['first_name']);
> /* more code */
> $_OCLEAN['first_name'] = htmlentities($_ICLEAN['first_name']);
> echo "<p>$_OCLEAN[first_name] is way smarter than me.</p>\n";
>
> If you had anything other than $_OCLEAN in an echo and friends, then
> you would know you were screwing up.

I don't like $_OCLEAN primarily because I like Chris's suggestion of
using an output array that is named according to where the data is
going, so $url, $sql, $html, etc. But, with that in mind, it wouldn't be
too hard to use $_OCLEAN['url'], $_OCLEAN['sql'], and $_OCLEAN['html']
as arrays within the $_OCLEAN array.

--
Ben Ramsey
http://benramsey.com/
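
Added example, not part of the original thread: a sketch of the layout discussed above, with one filtered input array and output arrays keyed by destination (`html`, `url`, `sql`) inside `$_OCLEAN`. The sample request data, the `users` table name, the `/profile.php` path and the in-memory SQLite connection (used only so `PDO::quote()` has a driver) are assumptions made for illustration.

```php
<?php
// Constructed sample input standing in for $_GET (assumption, not from the thread).
$request = [
    'first_name' => "O'Reilly<script>",
    'last_name'  => 'Smith-Jones; DROP',
];

// Step 1: filter input. Only values that have passed the filter enter $_ICLEAN.
// Same allow-list as in the quoted message: letters, digits, ' , . and -
$kosher  = '/[^A-Za-z0-9\',\.-]/';
$_ICLEAN = [];
foreach (['first_name', 'last_name'] as $field) {
    $_ICLEAN[$field] = preg_replace($kosher, '', $request[$field] ?? '');
}

// Step 2: escape output, one sub-array per destination.
// Filtering does not replace escaping: the apostrophe is allowed by the
// filter, yet it needs a different encoding in each context below.
$db = new PDO('sqlite::memory:'); // assumption: pdo_sqlite is available
$_OCLEAN = ['html' => [], 'url' => [], 'sql' => []];
foreach ($_ICLEAN as $field => $value) {
    $_OCLEAN['html'][$field] = htmlentities($value, ENT_QUOTES, 'UTF-8');
    $_OCLEAN['url'][$field]  = rawurlencode($value);
    $_OCLEAN['sql'][$field]  = $db->quote($value); // adds the surrounding quotes
}

// Step 3: each sink reads only from the sub-array named after it.
echo "<p>{$_OCLEAN['html']['first_name']} is way smarter than me.</p>\n";
echo "<a href=\"/profile.php?name={$_OCLEAN['url']['first_name']}\">profile</a>\n";

// Hypothetical query string, printed rather than executed.
$query = "SELECT id FROM users WHERE last_name = {$_OCLEAN['sql']['last_name']}";
echo $query, "\n";
```

With this layout, an `echo` that reads from `$_GET`, `$_ICLEAN` or the wrong `$_OCLEAN` sub-array stands out in code review.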

 
