Article From: https://segmentfault.com/q/1010000011147161
Question:

PHP: Some data from the back end to the single front end post

Are there any experienced predecessors who can sum up the way of formatting?

For example, the user uid being passed, the orderId of an order, the amount (with or without two decimal places), some status values, and some text content.

Or are there any comprehensive articles that are not related? I hope to study this systematically and consolidate it. Thank you very much.

Answer 0:

Generally speaking, you only need to filter if you want to write the contents to the database. You can learn more about how to prevent SQL injection in PHP and MySQL. Most current usage is parameterized SQL execution with pdo_mysql.

In addition, when I write programs, I filter sensitive data, such as amounts of money, with floatval(). As for the text content, you can save the HTML tags before saving it.

Answer 1:

To tell the truth, you don’t understand what you mean by formatting. Since the front end is received, it should be to keep the front end. You are only the recipient, just a safe filter. As for the amount, the number of decimal places should be negotiated with the product; after all, the different business logic needs are not. Also, other int or string values are judged according to your business and the value you receive.

Answer 2:

addslash(), str_replace(), (int), number()... and so on.
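
The fields named in the question (uid, orderId, amount, status, text), validated and stored with a parameterized PDO statement, as an added example that is not part of the original thread. Assumptions: the names `validateOrderInput` and `ALLOWED_STATUS`, the `orders` table, the 500-character limit and the status values are hypothetical; the amount is checked with a strict pattern and kept as integer cents rather than passed through floatval(); in-memory SQLite stands in for MySQL so the script runs offline; text is escaped when written into HTML rather than before saving.

```php
<?php
declare(strict_types=1);

// Hypothetical whitelist of order states; replace with your business values.
const ALLOWED_STATUS = ['pending', 'paid', 'cancelled'];

/** Validate raw POST fields; returns typed values or throws on the first bad field. */
function validateOrderInput(array $post): array
{
    $opts = ['options' => ['min_range' => 1]];
    $uid = filter_var($post['uid'] ?? null, FILTER_VALIDATE_INT, $opts);
    $orderId = filter_var($post['orderId'] ?? null, FILTER_VALIDATE_INT, $opts);
    if ($uid === false || $orderId === false) {
        throw new InvalidArgumentException('uid and orderId must be positive integers');
    }
    // Amount: digits with zero to two decimals; kept as integer cents, never as float.
    $amount = $post['amount'] ?? '';
    if (!is_string($amount) || !preg_match('/^(\d{1,9})(?:\.(\d{1,2}))?$/D', $amount, $m)) {
        throw new InvalidArgumentException('amount must look like 12 or 12.50');
    }
    $cents = (int)$m[1] * 100 + (int)str_pad($m[2] ?? '', 2, '0');
    // Status: strict comparison against the whitelist, so arrays and numbers are rejected.
    $status = $post['status'] ?? '';
    if (!in_array($status, ALLOWED_STATUS, true)) {
        throw new InvalidArgumentException('unknown status');
    }
    $text = $post['text'] ?? '';
    if (!is_string($text) || !mb_check_encoding($text, 'UTF-8') || mb_strlen($text) > 500) {
        throw new InvalidArgumentException('text must be valid UTF-8, at most 500 characters');
    }
    return ['uid' => $uid, 'orderId' => $orderId, 'cents' => $cents,
            'status' => $status, 'text' => $text];
}

// Constructed sample request; in a real handler this would be $_POST.
$post = ['uid' => '42', 'orderId' => '1001', 'amount' => '19.9', 'status' => 'paid',
         'text' => "<b>gift wrap</b>, it's fragile"];
$in = validateOrderInput($post);

// In-memory SQLite keeps the example offline; the prepared statement is the same with pdo_mysql.
$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE orders (id INTEGER, uid INTEGER, cents INTEGER, status TEXT, note TEXT)');
$stmt = $pdo->prepare('INSERT INTO orders VALUES (:id, :uid, :cents, :status, :note)');
$stmt->execute([':id' => $in['orderId'], ':uid' => $in['uid'], ':cents' => $in['cents'],
                ':status' => $in['status'], ':note' => $in['text']]);

// Text is stored as received and escaped only when it is written into HTML.
$note = $pdo->query('SELECT note FROM orders WHERE id = 1001')->fetchColumn();
echo htmlspecialchars($note, ENT_QUOTES, 'UTF-8'), "\n";
```

The script needs the pdo_sqlite and mbstring extensions. An amount such as `12abc` is rejected by the pattern, whereas floatval() would silently read it as 12.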
