Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am new to PHP.
I have been advised to sanitize $_GET and $_POST. I have been following this advice.
However, if I just want to check the variable with
if(isset($_GET['login']))
do I need to do any sanitization on that?
Also, do I need to sanitize $_SESSION values I use?
No, you do not have to do any kind of sanitization or anything :
isset()will allow you to check if the variable (or item array, in your case) exists — and that’s pretty much it.Here, as you are testing whether the item/variable exists or not, you cannot sanitize it : to sanitize the data, you need it to exist.
Note, though :
isset()will returnfalseif that item exists, but isnull!Which, in the case of a
$_GETitem, will quite not probably happen.