Have an account? Sign in
Login  Register  Facebook
Which approach is better for security?
I get input from user through a form and then process.
For example,
Method 1:
if $_POST[\'submit\']{
$title = $_POST[\'title\'];
$message = $_POST[\'message\'];

send_message($title, $message);
function send_message($title, $message){
$t= secure($title);
$m = secure($message);


Method 2:
if $_POST[\'submit\']{

$title = secure($_POST[\'title\']);
$message = secure($_POST[\'message\']);

send_message($title, $message);

function send_message($title, $message){
//no need to secure input here as i already did before passing to this function.

Please note that in method 1 i did not secure the input, i sent the input as the user submitted it. I will secure it in the send_message function before i insert to database.
in Method 2, I first of all secured input and then passed to the function.

So my question is that, is there any security risk by passing the inputs in a function as above?

Should i secure the inputs before i call the send_message function?
Which of the method is more secure?
Started: September 18, 2011 Latest Activity: September 18, 2011 mysql security
1 Answer
its the same my friend because in the two cases you secure it before the real send

Posted: MacOS
In: September 18, 2011

Your Answer

xDo you want to answer this question? Please login or create an account to post your answer