Is the following a valid way to validate some info coming from a post?
function validate($age, $name, $sex) {
    $pdo = new PDO(...);
    $age = (int)$age;
    $name = $pdo->quote($name);
    $sex = (strtolower($sex) == "m" ? "m" : "f");
    // and then process data with pdo's query method.
}
Do you see any security flaw in this function? If yes, can you help me to fix them?

That’s totally valid and secure as you won’t receive any SQL injections. Btw, if you will repeat the query, rather than pdo->query, go for prepared statements.
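
The prepared-statement route mentioned in the answer, as an added example that is not part of either post: it rejects invalid input instead of coercing it (in the posted function `(int)"abc"` becomes `0` and any value other than "m" becomes "f"). The `people` table, the `validatePerson` helper and the sample rows are constructed for illustration, and an in-memory SQLite database is assumed so the script runs without a server.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: returns clean values or throws; nothing is silently coerced.
function validatePerson(array $post): array
{
    // filter_var returns false for non-integers, arrays and out-of-range values.
    $age = filter_var($post['age'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 150]]);
    if ($age === false) {
        throw new InvalidArgumentException('age must be an integer between 0 and 150');
    }
    $name = $post['name'] ?? null;
    if (!is_string($name) || trim($name) === '' || strlen($name) > 100) {
        throw new InvalidArgumentException('name must be a non-empty string of at most 100 bytes');
    }
    $sex = $post['sex'] ?? null;
    if (!is_string($sex) || !in_array(strtolower($sex), ['m', 'f'], true)) {
        throw new InvalidArgumentException('sex must be "m" or "f"');
    }
    return ['age' => $age, 'name' => trim($name), 'sex' => strtolower($sex)];
}

// Constructed schema in an in-memory SQLite database (requires pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE people (age INTEGER, name TEXT, sex TEXT)');

// Prepared once, executed per row: values are bound as data, never spliced into the SQL text.
$insert = $pdo->prepare('INSERT INTO people (age, name, sex) VALUES (:age, :name, :sex)');

// Constructed sample submissions, shaped like $_POST.
$samples = [
    ['age' => '34', 'name' => "O'Brien", 'sex' => 'M'],  // quote in the name is stored verbatim
    ['age' => 'abc', 'name' => 'Eve', 'sex' => 'f'],     // rejected: age is not an integer
    ['age' => '27', 'name' => 'Sam', 'sex' => 'x'],      // rejected: sex is neither "m" nor "f"
];
foreach ($samples as $post) {
    try {
        $insert->execute(validatePerson($post));
    } catch (InvalidArgumentException $e) {
        echo 'rejected: ', $e->getMessage(), PHP_EOL;
    }
}
foreach ($pdo->query('SELECT age, name, sex FROM people', PDO::FETCH_ASSOC) as $row) {
    echo json_encode($row), PHP_EOL;
}
```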