MyBB Community Forums

Full Version: How does MyBB Clean Posted Variables?
Pages: 1 2
floatval() for floats

Or you can check with is_numeric, or use CType libraries, or regular expressions. There are many methods for filtering things out - just make sure you remember to do so!



Oh, and I recommend sanitizing most (or all if you're uncertain) inputs, as these are potential exploits. In fact, the MyBB 1.2.11 update patches an exploit caused by improper input sanitization going directly into an eval() statement.
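
The methods named in this thread behave differently on the same input: floatval() coerces and never rejects, while is_numeric(), ctype and regular expressions validate with different strictness. The following is an added example, not part of the original posts and not MyBB code; the `clean_*` function names and the sample inputs are constructed for illustration.

```php
<?php
// Added example: the clean_* helpers are hypothetical, not MyBB functions.

// Coercion: always returns a float and never rejects anything.
function clean_float_coerce(string $raw): float {
    return floatval($raw);
}

// Validation: accept only if the whole string is a plain decimal number.
function clean_float_strict(string $raw): ?float {
    // \A and \z anchor the entire string; no exponent, no whitespace.
    if (preg_match('/\A-?\d+(\.\d+)?\z/', $raw) !== 1) {
        return null;
    }
    return (float) $raw;
}

// Validation for a positive integer id (for example a post or user id).
function clean_id(string $raw): ?int {
    // ctype_digit() is true only for a non-empty string made of 0-9.
    // The length cap keeps the value inside a 32-bit integer.
    if (!ctype_digit($raw) || strlen($raw) > 9) {
        return null;
    }
    $id = (int) $raw;
    return $id > 0 ? $id : null;
}

// Constructed sample inputs, as they might arrive in $_POST.
$samples = ['42', '3.14', '1e3', ' 7', '12abc', '-5', '', "9\n", '1+1'];

printf("%-10s %-10s %-10s %-8s %-8s\n",
    'input', 'floatval', 'is_numeric', 'strict', 'id');
foreach ($samples as $raw) {
    printf(
        "%-10s %-10s %-10s %-8s %-8s\n",
        json_encode($raw),                              // shows whitespace and newlines
        var_export(clean_float_coerce($raw), true),     // coerced value
        var_export(is_numeric($raw), true),             // loose validation
        var_export(clean_float_strict($raw), true),     // strict validation
        var_export(clean_id($raw), true)                // digits-only id
    );
}
```

Rows such as `'12abc'` and `'1e3'` are the ones to compare: floatval() silently keeps the leading number, and is_numeric() accepts exponent notation and leading whitespace, so neither alone guarantees the original string is safe to reuse after the check.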