Self-taught Noob question... I'm probably over thinking this and being too paranoid, but something along the way gave me the impression that incoming variables need to be validated and sanitized.
There is no magic bullet built-in functionality that does that, right? I'm using the "Validator" package in combination with strip_tags(Purifier::clean($var) and I already added both of them to my custom-built controllers. I'm left wondering if that was wasteful and I'm particularly concerned about any outside packages I'm using.
If I need to add some code to the outside packages, then that would mean re-adding it every time they update/we adopt a package too, correct?
Thoughts and suggestions for best practices? submitted by /u/altdevD
[link] [comments]
No comments:
Post a Comment
Thanks