Always Filter Inputs

The filter_input() function filters and validates external variables coming from insecure sources, such as input forms. This function is commonly used to prevent some security threats like SQL Injection(SQLi) attacks.

To illustrate this behavior, let’s take a simple query string like this:

http://yourdomain.com/index.php?name=&lt;a href=&quot;https://google.com&quot;&gt;Click Me&lt;/a&gt;

Th...

Working with $_GET and $_POST in PHP

Always Filter Inputs