I'm thinking about an application which recieves massive Data from the User. But this data has to be verified in php:
fe $_GET['id'] has to be a number every Element of an array must be a value between a specific range.
so how efficient are functions like is_int($x)
or isset($x)
? Maybe if($x!=null) is faster or (int) x is causing same results.
What is the best way to handle Data that needs to get to Database quick but needs to be verified? Is there any difference in $_GET and $_POST in speed?
Maybe implementing a class doing that improves something?
Maybe for an more concret chance to answer, here a bit inefficent code:
if(isset($_GET["x"]) && $_GET["x"] > 0) { $x = $_GET["x"]; }
if(isset($_GET["y"]) && $_GET["y"] > 0) { $y = $_GET["y"]; }
if(isset($_GET["winWidth"]) && $_GET["winWidth"] > 0) { $winWidth = $_GET["winWidth"]; }
if(isset($_GET["winHeight"]) && $_GET["winHeight"] > 0) { $winHeight = $_GET["winHeight"]; }
if(isset($_GET["a"])) { $a = $_GET["a"]; }
UPDATE:
What about further security functions like:
mysql_real_escape_string($str);
or
stripslashes()
? Please Stackoverflow, show me the magic :)
Harry
The fastest way to check if something has been posted and whether it's a positive integer:
if (isset($_POST['field']) && ctype_digit($_POST['field']))
mysql_real_escape_string
is incredibly slow, compared to addslashes
. However, it's definitely more secure.
However, it's normally not necessary to worry about all this too much. We're talking about billionths of a second here.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.