Posted on Monday 4th February 2019
Introducing the Input class, an Object Oriented approach to Securing Input in php.
The problem with how PHP handles input, its that it puts the data in globally accessible arrays, including $_POST and $_GET. Not only does our code have access to everything in these arrays, so does any third party code you include.
This class blanks out the Super Globals $_POST and $_GET and stores their contents within the class. Allowing better control over the input and what code can access it.
$input = new Input(); echo $input->get('id'); echo $input->post('id');
Default Parameters can be passed as the second option
$input->get('test','default value here');
Strips Tags by default, can be disabled by passing false as third option.
As features are added, there will be new tests to prove they work as intended. You can run the tests yourself using the following command.
composer require christopher-paul-shaw/input