PHP
Sergey, 2015-11-14 10:37:16

Is one regular expression enough?

Here is a regular expression; it removes everything except a to z.

$url_path = preg_replace('/[^a-z]/', '', $url_path);

I did not find any examples disputing the use of this method alone, without
strip_tags($_GET['input_text']);
$input_text = htmlspecialchars($input_text);
$input_text = mysql_escape_string
Can this method cause a vulnerability?

2 answer(s)
xmoonlight, 2015-11-14
@chelovekmuravei

For a URL: no, it cannot.
Beyond that, it all depends on the script code (for example, a router), which can open access even with a normal URL request.

Rsa97, 2015-11-14
@Rsa97

Instead of such a kludge, it is better to use parameterized mysqli or PDO queries. It is high time to abandon mysql_; these functions have been deprecated for two years now.
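
The two answers combined, as an added example that is not code from the question or from either answerer: the URL path is validated and looked up in an explicit route table rather than silently rewritten, and free-text input reaches the database through a PDO prepared statement. The names resolveRoute, findPage and $routes, the pages table and its rows are assumptions constructed for illustration; the pdo_sqlite extension is assumed to be available.

```php
<?php
// Added example: constructed data, hypothetical names (resolveRoute, findPage, $routes).
declare(strict_types=1);

// Explicit route table: only these slugs are reachable, whatever the filter lets through.
$routes = ['news' => 'public', 'about' => 'public'];

function resolveRoute(string $urlPath, array $routes): ?string
{
    // Validate instead of rewriting: preg_replace('/[^a-z]/', '', ...) would silently
    // turn "ne-ws" or "NEWS/news" into a different, valid-looking slug.
    if (preg_match('/\A[a-z]{1,32}\z/', $urlPath) !== 1) {
        return null;
    }
    return array_key_exists($urlPath, $routes) ? $urlPath : null;
}

function findPage(PDO $db, string $slug, string $search): array
{
    // Values travel separately from the SQL text, so no escaping function is needed.
    $stmt = $db->prepare('SELECT title FROM pages WHERE slug = :slug AND title LIKE :q');
    $stmt->execute([':slug' => $slug, ':q' => '%' . $search . '%']);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE pages (slug TEXT, title TEXT)');
$db->exec("INSERT INTO pages VALUES ('news', 'O''Reilly <b>launch</b>'), ('about', 'Team')");

foreach (['news', 'ne-ws', 'admin'] as $urlPath) {
    $slug = resolveRoute($urlPath, $routes);
    if ($slug === null) {
        echo "$urlPath: 404\n";
        continue;
    }
    // Free text with a quote goes in unchanged; the driver binds it as data.
    foreach (findPage($db, $slug, "O'Reilly") as $title) {
        // Escape at output time, for the HTML context, not at input time.
        echo "$urlPath: " . htmlspecialchars($title, ENT_QUOTES, 'UTF-8') . "\n";
    }
}
```

The a-z filter from the question fits a slug, but it cannot be applied to free text such as a search phrase, which is where bound parameters and output-time escaping do the work.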
