Tilted Forum Project Discussion Community - View Single Post

ratbastid · 03-24-2006, 06:55 AM

Well, look.... Using regular expressions doesn't magically make your input secure. That would be like saying, I want to make a pie. I have apples. Do apples make a good pie? Like, yes, but there's a whole lot more to it than that.

Anything you could do with a regular expression you could do with a whole bunch of strpos() calls. WAY less efficiently, but... preg_match() is a powerful tool, but it's really just another tool.

There are LOTS of php snippets out there that sanitize inputs. I recommend you google a little bit and see what you find. You really don't want to be rolling your own, when it comes to security. Especially if you're at the stage where you're asking questions like this--no offense, but the question tells me you don't have a huge amount of experience with this. Go find a script written by an expert; it's not smart to take chances with security.

03-24-2006, 06:55 AM	#2 (permalink)
ratbastid Darth Papa Location: Yonder	Well, look.... Using regular expressions doesn't magically make your input secure. That would be like saying, I want to make a pie. I have apples. Do apples make a good pie? Like, yes, but there's a whole lot more to it than that. Anything you could do with a regular expression you could do with a whole bunch of strpos() calls. WAY less efficiently, but... preg_match() is a powerful tool, but it's really just another tool. There are LOTS of php snippets out there that sanitize inputs. I recommend you google a little bit and see what you find. You really don't want to be rolling your own, when it comes to security. Especially if you're at the stage where you're asking questions like this--no offense, but the question tells me you don't have a huge amount of experience with this. Go find a script written by an expert; it's not smart to take chances with security.