#1
  1. A Change of Season
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    3,247
    Rep Power
    220

    IS this validation secure enough?


    I know it's not the best way... is it secure though?
    PHP Code:

    public function index($email=null,$email_clicked=0,$plc=NULL)
            {
                
    $this->validate_plc($plc);
                            
    $this->do_things();
                   }

    private function 
    validate_plc($plc=NULL)
            {
                
    $valid_plcs = array(1,2,3,4);
                if(
    $plc==NULL)
                    {
                        
    redirect(base_url('mastery-entry/1'));
                    }
                if(!
    in_array($plc$valid_plcs))    
                    {
                        
    redirect(base_url('mastery-entry/2'));
                    }
                
    $this->data['plc']=$plc;    
            } 
    Last edited by English Breakfast Tea; October 12th, 2017 at 11:26 PM.
  2. #2
  3. Wiser? Not exactly.
    Devshed God 2nd Plane (6000 - 6499 posts)

    Join Date
    May 2001
    Location
    Bonita Springs, FL
    Posts
    6,123
    Rep Power
    4103
    Does your redirect function exit;? If not then your do_things method may still run with invalid data.
    Recycle your old CD's



    If I helped you out, show some love with some reputation, or tip with Bitcoins to 1N645HfYf63UbcvxajLKiSKpYHAq2Zxud
  4. #3
  5. A Change of Season
    Devshed Loyal (3000 - 3499 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    3,247
    Rep Power
    220
    Originally Posted by kicken
    Does your redirect function exit;? If not then your do_things method may still run with invalid data.
    I am pretty sure it does?

IMN logo majestic logo threadwatch logo seochat tools logo