I have a php page. It recieves a value for id
via get. 2 simple questions:
1 - In my code this is used only once. In an if statement like:
if ($_GET['id']==1){
Things here....
}
That is the only use of this passed id value. Do I need to sanitize it or can I just leave it safely in the if statement without checking it? Can hackers penetrate through this?
2 - Would I need to sanitize it if I had assigned it to a variable like:
$idid=$_GET['id'];
if ($idid==1){
Things here...
}
Like before this is the only use of this variable, it will not be used in echo or mysql etc.