What are the best practices for passing parameters in PHP URLs like index.php?action=blabla?

When passing parameters in PHP URLs like index.php?action=blabla, it is important to properly sanitize and validate the input to prevent security vulnerabilities such as SQL injection or cross-site scripting attacks. One common best practice is to use PHP's filter_input() function to retrieve and sanitize input from the URL parameters.

// Retrieve and sanitize the &#039;action&#039; parameter from the URL
$action = filter_input(INPUT_GET, &#039;action&#039;, FILTER_SANITIZE_STRING);

// Validate the &#039;action&#039; parameter to ensure it meets your application&#039;s requirements
if ($action === false) {
    // Handle invalid input
} else {
    // Proceed with using the sanitized and validated &#039;action&#039; parameter
}

Keywords

PHP URL parameters GET method security validation

What are the best practices for passing parameters in PHP URLs like index.php?action=blabla?

Keywords

Related Questions