Sanitization is Key

Over the past few months, I have been reading other developers code (especially PHP code), and the one thing I have noticed is that not everybody sanitizes input.

This is one of the most key factors to a successful, secure application, be it web or or not.

All it takes it to check whether the input given is what you were expecting, and wrap a function call around it.

For example:

[php code]
// This is just a very short example
$id = $_GET['id'];

$query = mysqlquery('SELECT table.field FROM table WHERE id=' . $GET['id']);

[/php code]

The above example will cause an SQL injection vulnerability as the attacker can simply exploit the fact that you have not sanitized anything.

A better example of a sanitized version of this would be as follows:

[php code]
// Sanitize the user input
$id = mysqlrealescapestring( $GET['id'] );

// Check to see if the data given is a digit
if( !ctype_digit( (string)$id ) ){
return false;
}

// Use sprintf to ensure that the parameter given is a digit
$query = sprintf( 'SELECT table.field
FROM table
WHERE id = %d', $id );

// Assign the query to a variable
$result = mysql_query( $query );

// Check if the query was executed correctly
if( $result ){
// Do something
}
[/php code]

So, please, for every programmers sake, Always sanitize ALL input.