Reputation: 787
I've read a lot of debate on the pros and cons of sanitising user input and there doesn't appear to be a definitive answer either way.
My scenario is that I am collecting email addresses via an HTML/jQuery form so that those email addresses can be used in a mailing list. There will be no retrieval from the database at this stage, therefore no usage of JSON, XML etc.
Do I need to be worried about sanitising user input or not? A good number of people seem to be saying that sanitisation on the way in isn't needed whilst others say you should never underestimate the need to sanitise whenever you can.
Does anybody have any thoughts that would make this clearer?
Upvotes: 0
Views: 1312
Reputation: 1234
Sanitizing any and all input, regardless of whether it will be used for output, is always a good idea, for the simple reason that it is input and therefore enacted upon in some way by code/compiler/system/etc. You may not need (per your use cases) to validate all the input (e.g. is an email address in the format of an email address vs is it a valid/working email address), but at least ensure a minimal set of sanitization functions to prevent XSS and SQL injections.
Upvotes: 1
Reputation: 197544
Input validation refers to the process of validating all the input to an application before using it. Input validation is absolutely critical to application security, and most application risks involve tainted input at some level. Many applications do not plan input validation, and leave it up to the individual developers. This is a recipe for disaster, as different developers will certainly all choose a different approach, and many will simply leave it out in the pursuit of more interesting development.
Read more: Data Validation
Upvotes: 0
Reputation: 429
Sanitization needs really vary based on use-case and datatype. For example, you're asking a user for an e-mail address. You will probably need to see if that e-mail already exists in your mailing list. If you don't have to, no problem. If you need to avoid duplicates and your mailing list system doesn't support its own clean de-duping, it's generally safe and recommended to:
Upvotes: 0
Reputation: 544
All user input should be sanitized. You can't trust a user to only submit valid input. That's not the way it works. There's always someone that'll try to test your code for weaknesses.
This goes for e-mail addresses as well. You should verify that it's a valid e-mail address before submitting it to the database.
Upvotes: 0
Reputation: 6389
Always do it. It will only take a few more minutes of your time. There really isn't a downside to it. Why risk it?
Upvotes: 1
Reputation: 1470
Two things are important at this point:
See SQL Injection documentation here:
http://php.net/manual/en/security.database.sql-injection.php
http://www.linuxjournal.com/article/9585
Upvotes: 1
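The answers above make three separate points: validate that the submitted string is actually an e-mail address before it reaches the database, keep the insert immune to SQL injection, and escape the value if it is ever rendered back into HTML (the XSS concern in the first answer), with the third answer adding de-duplication. The following is an added example that is not from any answer on this page; it uses Python with the standard-library `sqlite3` module rather than the PHP the linked documentation covers, the e-mail pattern and the helper names (`validate_email`, `subscribe`, `render_row`, `demo`) are my own choices, and the sample inputs are constructed for the demonstration.

```python
import html
import re
import sqlite3
from typing import Dict, Optional

# Conservative syntax check for a mailing-list form (assumption: this pattern is
# my own choice, not a full RFC 5322 parser). It rejects whitespace, quotes,
# angle brackets and similar characters that a real subscriber has no reason to
# submit, so injection-bearing strings never reach the storage layer.
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$")


def validate_email(raw: str) -> Optional[str]:
    """Return a normalised address (domain lower-cased), or None if rejected."""
    candidate = raw.strip()
    if len(candidate) > 254 or not EMAIL_RE.fullmatch(candidate):
        return None
    local, _, domain = candidate.rpartition("@")
    return f"{local}@{domain.lower()}"


def open_store() -> sqlite3.Connection:
    """In-memory subscriber table; the PRIMARY KEY does the de-duplication."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE subscribers (email TEXT PRIMARY KEY)")
    return conn


def subscribe(conn: sqlite3.Connection, raw: str) -> str:
    """Validate first, then insert with a bound parameter.

    Returns 'added', 'duplicate' or 'rejected'. The '?' placeholder means the
    value is passed to SQLite as data, never spliced into the SQL text, so even
    an address that passes validation cannot alter the statement.
    """
    email = validate_email(raw)
    if email is None:
        return "rejected"
    try:
        conn.execute("INSERT INTO subscribers (email) VALUES (?)", (email,))
    except sqlite3.IntegrityError:
        return "duplicate"
    return "added"


def render_row(email: str) -> str:
    """Escape at the output boundary; this is the XSS defence, independent of
    whatever validation happened on the way in."""
    return f"<li>{html.escape(email)}</li>"


# Constructed sample submissions: a good address, the same one with different
# whitespace and domain case, an injection attempt, a script tag, and a
# malformed domain.
SAMPLE_INPUTS = [
    "alice@example.com",
    "  alice@EXAMPLE.com ",
    "bob@example.com'); DROP TABLE subscribers; --",
    "<script>alert(1)</script>@example.com",
    "carol@example",
]


def demo() -> Dict[str, str]:
    """Run every sample through subscribe() and report the outcome per input."""
    conn = open_store()
    return {raw: subscribe(conn, raw) for raw in SAMPLE_INPUTS}


if __name__ == "__main__":
    for raw, outcome in demo().items():
        print(f"{outcome:9s} {raw!r}")
```

Note that the rejected inputs never reach SQLite at all, and the de-dup comes for free from the `PRIMARY KEY` once addresses are normalised consistently. Validation narrows what is accepted; the bound parameter and the output escaping are what actually stop SQL injection and XSS, and they stay in place even if the pattern is later relaxed to admit more exotic addresses.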