Quoting Cliff Hirsch <[EMAIL PROTECTED]>:
I just discovered a hole in a white list validation technique I borrowed from a
PHP security book (no, not Chris' book).
Beware in_array($_POST/GET['input'], $whitelist)
Type matters. All input is string type and PHP will try to force type
matching.
So the input string 'securityhole' will match the int number 0.
This is the kind of thing that the third argument to in_array is for - it
forces strict type checking:
http://us2.php.net/in-array
-chuck
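As an added illustration (this code is not from the thread above, and the whitelist of integer ids 0, 1 and 2 is a constructed placeholder), here is the loose in_array() check beside its strict form, plus the type normalisation that the strict form needs before it can accept well-formed input at all:

```php
<?php
// Added example: why a loose in_array() whitelist is bypassable, and what the
// third (strict) argument changes. Whitelist values are constructed placeholders.
$whitelist = [0, 1, 2];

// Loose comparison (==): on PHP 5/7, a non-numeric string such as
// 'securityhole' is coerced to 0 and therefore matches the whitelisted int 0.
// (PHP 8 changed string/number comparison so this particular bypass no longer
// holds, but the check is still type-confused and should not be relied on.)
function isAllowedLoose(string $input, array $whitelist): bool
{
    return in_array($input, $whitelist);
}

// Strict comparison (===): no coercion, so 'securityhole' never matches 0.
// Side effect: the raw request string '1' no longer matches the int 1 either,
// which is why the caller must validate and convert the type first.
function isAllowedStrict(string $input, array $whitelist): bool
{
    return in_array($input, $whitelist, true);
}

// Defensive version: accept only a pure digit string, convert it to int, and
// only then compare strictly against the int whitelist.
function isAllowedValidated(string $input, array $whitelist): bool
{
    if (!ctype_digit($input)) {
        return false; // 'securityhole', '', '1e3', '-1' are all rejected here
    }
    return in_array((int) $input, $whitelist, true);
}

// Constructed sample inputs as they would arrive in $_POST / $_GET (all strings).
foreach (['1', '0', 'securityhole', '', '5'] as $input) {
    printf(
        "%-14s loose=%-5s strict=%-5s validated=%s\n",
        var_export($input, true),
        var_export(isAllowedLoose($input, $whitelist), true),
        var_export(isAllowedStrict($input, $whitelist), true),
        var_export(isAllowedValidated($input, $whitelist), true)
    );
}
```

Run it with `php example.php`. On PHP 5 and 7 the loose column reports `true` for 'securityhole' and for the empty string, which is the hole Cliff describes; the strict column reports `false` for every string input because nothing in the whitelist is a string, and the validated column is the only one that accepts '1' and '0' while rejecting everything else. The general rule this shows is that strict in_array() is only half the fix: the input has to be brought to the whitelist's type (or the whitelist written as strings) before the strict comparison is meaningful.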
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php