[nycphp-talk] using unpack in form reading
jon baer
jonbaer at jonbaer.net
Wed Feb 11 05:37:16 EST 2004
i have not seen it but can unpack be used to prevent sql injections?
i tend to have strict fixed length for my stuff and have noticed if i do an
unpack on an incoming variable it seems safe:
$id = array_shift(unpack("A2id", $_POST['id']));
is this overkill?
- jon
pgp key: http://www.jonbaer.net/jonbaer.asc
fingerprint: F438 A47E C45E 8B27 F68C 1F9B 41DB DB8B 9A0C AF47
More information about the talk
mailing list