Last active
March 23, 2021 21:30
-
-
Save adrian-enspired/2c52877992b96525820b to your computer and use it in GitHub Desktop.
a "whitelist" is a list of acceptable values which you can compare an unknown value to, in order to be sure it is valid.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // basic concept: | |
| $whitelist = [ | |
| 'foo', | |
| 'bar' | |
| ]; | |
| if (in_array($unknown_value, $whitelist, true)) { | |
| /* it's all good */ | |
| } else { | |
| /* nope */ | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // a concrete example | |
| $color = filter_input(INPUT_GET, 'color'); | |
| # Whitelist | |
| $available_colors = ['red', 'orange', 'purple', 'brown']; | |
| # Validation | |
| if (in_array($color, $available_colors, true)) { | |
| echo "Yes, {$color} is available"; | |
| } else { | |
| echo 'That color is not available. Please select an available color: ', implode(', ', $available_colors); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment