My PHP is very rusty. I have an MD5 hash that’s being passed via GET to a script and then I’m grabbing it like this:
$id = $_GET['id'];
Obviously there’s a security risk here… I was thinking of checking the string length to make sure it’s 32 characters long but that doesn’t seem very robust to me. What else could I do to make it more secure?
Thanks
You could validate with a regex to make sure it consists of only alphanumeric characters.
E.g. something like this (my PHP is rusty too):
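
An added example, not part of the original reply and not the poster's code: one way to validate the `id` parameter from the question as an MD5 digest. It assumes the hash arrives as 32 hexadecimal characters, which is narrower than "alphanumeric"; the function name `parse_md5_id` and the sample inputs are hypothetical.

```php
<?php
declare(strict_types=1);

/**
 * Return the lowercase MD5 hex digest, or null when the input is not
 * exactly 32 hexadecimal characters. (Hypothetical helper name.)
 */
function parse_md5_id($raw): ?string
{
    // A request such as ?id[]=x makes $_GET['id'] an array, so reject
    // anything that is not a string before running string functions on it.
    if (!is_string($raw)) {
        return null;
    }
    // \A and \z anchor to the real start and end of the input. A plain `$`
    // also matches just before a trailing "\n", so "<32 hex chars>\n"
    // would pass. {32} enforces the length, so no separate strlen() check.
    if (preg_match('/\A[a-f0-9]{32}\z/i', $raw) !== 1) {
        return null;
    }
    // Normalise case so later comparisons and lookups see one form.
    return strtolower($raw);
}

// Constructed sample inputs (the first is the MD5 of the empty string).
$samples = [
    'valid lowercase'  => 'd41d8cd98f00b204e9800998ecf8427e',
    'valid uppercase'  => 'D41D8CD98F00B204E9800998ECF8427E',
    'trailing newline' => "d41d8cd98f00b204e9800998ecf8427e\n",
    'too short'        => 'd41d8cd98f00b204',
    'alnum but no hex' => str_repeat('z', 32),
    'array parameter'  => ['d41d8cd98f00b204e9800998ecf8427e'],
];

foreach ($samples as $label => $value) {
    $result = parse_md5_id($value);
    printf("%-17s => %s\n", $label, $result ?? 'rejected');
}

// In the script from the question, the bare assignment would become:
//   $id = parse_md5_id($_GET['id'] ?? null);
//   if ($id === null) { http_response_code(400); exit; }
```

Only the first two samples are accepted. A value that passes this check should still be bound as a parameter if it is used in a database query.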