
Input validation and sanitization in PHP - Cheat Sheet & Quick Revision

Recall & Review
beginner
What is input validation in PHP?
Input validation is the process of checking if the data provided by the user meets the expected format, type, or rules before using it in the program.
beginner
What does input sanitization mean?
Input sanitization means cleaning or modifying user input to remove or escape harmful characters to prevent security issues like SQL injection or cross-site scripting.
beginner
Which PHP function can be used to check if an email is valid?
The function filter_var() with the FILTER_VALIDATE_EMAIL flag checks if an email address is valid.
intermediate
How does htmlspecialchars() help in input sanitization?
htmlspecialchars() converts special characters to HTML entities, preventing malicious code from running in the browser.
beginner
Why should you never trust user input directly?
User input can be incorrect or harmful. Validating and sanitizing input protects your program from errors and security attacks.
Which PHP function is used to validate an integer input?
A. filter_var() with FILTER_VALIDATE_INT
B. htmlspecialchars()
C. trim()
D. strtolower()
What does the PHP function trim() do?
A. Escapes quotes in a string
B. Converts special characters to HTML entities
C. Checks if input is a valid email
D. Removes whitespace from the beginning and end of a string
Why is input sanitization important?
A. To change the input type
B. To prevent security risks like SQL injection and XSS
C. To make the input longer
D. To speed up the program
Which filter validates an email address in PHP?
A. FILTER_VALIDATE_INT
B. FILTER_SANITIZE_EMAIL
C. FILTER_VALIDATE_EMAIL
D. FILTER_SANITIZE_STRING
What is the main difference between validation and sanitization?
A. Validation checks correctness; sanitization cleans input
B. Validation cleans input; sanitization checks correctness
C. Both do the same thing
D. Neither is needed for user input
Explain how you would validate and sanitize a user's email input in PHP.
Think about checking format first, then cleaning unwanted characters.
Describe why input validation and sanitization are important for web security.
Consider what could happen if you trust user input blindly.