aboyce

Reputation: 49

Correct way to sanitize and secure file_get_contents('php://input')

Let's say you have a front end app sending requests to a PHP backend. On the front end:

fetch("/", {
  method: "POST",
  body: JSON.stringify({
    "data": myData,
  })
})

On the backend:

$body = file_get_contents('php://input');
$columns = json_decode($body, true);
if (!is_array($columns)) {
  return json_encode("Invalid message body. " . $body);
}

What security considerations do I need to give to accessing file_get_contents('php://input')? Is $columns safe to use, or do I need to call some function like sanitizeArray($columns)? If so, does PHP have a function like sanitizeArray?

Upvotes: 0

Views: 119
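
An added example, not part of the original question: PHP has no built-in function named sanitizeArray, so one approach is to validate the decoded body against an allow-list of expected keys and types, then encode each value at the point where it is used. The helper name parseJsonBody, the size and depth limits, and the sample bodies are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
const MAX_BODY_BYTES = 65536; // assumed size limit for this endpoint

// Hypothetical helper: decode a JSON request body and keep only expected fields.
// $schema maps each allowed key to the type gettype() must report for it.
function parseJsonBody(string $raw, array $schema): array
{
    if (strlen($raw) > MAX_BODY_BYTES) {
        throw new InvalidArgumentException('Body too large');
    }
    try {
        // Depth cap of 8 rejects deeply nested input; errors throw instead of returning null.
        $data = json_decode($raw, true, 8, JSON_THROW_ON_ERROR);
    } catch (JsonException $e) {
        throw new InvalidArgumentException('Malformed JSON');
    }
    if (!is_array($data)) {
        throw new InvalidArgumentException('Expected a JSON object');
    }
    $clean = [];
    foreach ($schema as $key => $type) {
        if (!array_key_exists($key, $data) || gettype($data[$key]) !== $type) {
            throw new InvalidArgumentException("Missing or invalid field: $key");
        }
        $clean[$key] = $data[$key];
    }
    if (array_diff_key($data, $schema) !== []) {
        throw new InvalidArgumentException('Unexpected field');
    }
    return $clean;
}

// Constructed sample bodies; a real handler would pass file_get_contents('php://input').
$samples = ['{"data":"hello"}', '{"data":["nested"]}',
            '{"data":"x","admin":true}', 'not json'];
foreach ($samples as $raw) {
    try {
        $fields = parseJsonBody($raw, ['data' => 'string']);
        // Encode at the point of use: escape for HTML here, bind as a parameter for SQL.
        echo 'ok: ', htmlspecialchars($fields['data'], ENT_QUOTES, 'UTF-8'), PHP_EOL;
    } catch (InvalidArgumentException $e) {
        // Fixed message only; the raw body is never reflected back to the client.
        echo 'rejected: ', $e->getMessage(), PHP_EOL;
    }
}
```

Only the first sample body is accepted; the other three are rejected for a wrong type, an unexpected key, and malformed JSON respectively.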

Answers (0)
