down00111 2014-10-27 20:12
浏览 49
已采纳

从_Request,_Post和_Get修剪空间的缺点?

Problem

I have an issue on a rather large platform where users can enter data that contains spaces at the beginning and at the end of the input. This causes issues. I know that I can modify the JavaScript validation, but this website has a tremendous amount of pages and forms. Finding and changing each occurrence would be a nightmare.

Workaround

Since all the forms and pages share index.php, I thought of the idea of intercepting the request/get/post variables before any controller/routing processing is handled by the platform.

Note: I am aware that this is an extremely cheap way of going about it. But actions must be taken immediately until I can at least work on doing it the right way. This is functioning perfectly as it is. I just have a couple concerns.

$_REQUEST   = array_map('trim',$_REQUEST);
$_GET       = array_map('trim',$_GET);
$_POST  = array_map('trim',$_POST);

Conerns

  1. Are there any actual legitimate scenarios where this code would error on?

  2. Is there a major performance hit?

  3. Are there any security flaws?

  4. Are there risks of data integrity being sabotaged with trim()?

  • 写回答

2条回答 默认 最新

  • dongyi5817 2014-10-27 20:20
    关注
    1. I can't think of any. Trim would simply trim leading and trailing spaces of a string. However, it would fail on nested arrays.
    2. This, ofcourse affects performance but it's nothing major. Do however note that this is running on each and every single index.php call, even if there was no post data.
    3. Trim wouldn't cause security flaws. If you're validating and sanitizing user input in latter pages where you format the data, then there shouldn't be any.
    4. I can't answer that question without further knowledge.

    If this is only a temporary workaround, then it will do the job. But I wouldn't keep doing this forever and I suggest you fix it field by field when you can.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 关于#python#的问题:求帮写python代码
  • ¥20 MATLAB画图图形出现上下震荡的线条
  • ¥15 LiBeAs的带隙等于0.997eV,计算阴离子的N和P
  • ¥15 关于#windows#的问题:怎么用WIN 11系统的电脑 克隆WIN NT3.51-4.0系统的硬盘
  • ¥15 来真人,不要ai!matlab有关常微分方程的问题求解决,
  • ¥15 perl MISA分析p3_in脚本出错
  • ¥15 k8s部署jupyterlab,jupyterlab保存不了文件
  • ¥15 ubuntu虚拟机打包apk错误
  • ¥199 rust编程架构设计的方案 有偿
  • ¥15 回答4f系统的像差计算