to take advantage of this reactivated thread.
this code is ok for this example.PHP Code:function lenCheck( $var, $maxlen ) {
if (strlen($var) > $maxlen) {
return false;
} else {
return true;
}
}
as a more correct practice the positive security model must be applied universally. a positive security model will allow what is specifically validated and fail everything else. in more complex structures this will result in failures instead of actionable exceptions and prevents many attack types unforeseen by the designer.
Reply With Quote