CodingForums.com - View Single Post - How to sanitize submitted value before header function?

felgall · 01-26-2013, 02:44 AM

So the field is only allowed to have three specific values - to sanitize it you check that the value is one of those three -

Code:

<?php
	if (isset($_POST['nav'])) {
               if ($_POST['nav'] == "http://css-tricks.com/" ||
                   $_POST['nav'] == "http://digwp.com/" ||
                   $_POST['nav'] == "http://quotesondesign.com/")
		 header("Location: $_POST[nav]");
	}
?>

01-26-2013, 02:44 AM	PM User \| #2
felgall Master Coder Join Date: Sep 2005 Location: Sydney, Australia Posts: 5,451 Thanks: 0 Thanked 496 Times in 488 Posts	So the field is only allowed to have three specific values - to sanitize it you check that the value is one of those three - Code: <?php if (isset($_POST['nav'])) { if ($_POST['nav'] == "http://css-tricks.com/" \|\| $_POST['nav'] == "http://digwp.com/" \|\| $_POST['nav'] == "http://quotesondesign.com/") header("Location: $_POST[nav]"); } ?> __________________ Stephen Learn Modern JavaScript - http://javascriptexample.net/ Helping others to solve their computer problem at http://www.felgall.com/