Hi, I would like to see how Joomla / Drupal do their validation / security, where are the input validation scripts located?
A:
Drupal: http://api.drupal.org/api/drupal/modules--user--user.module/6
Joomla: http://api.joomla.org/Joomla-Framework/User/_joomla---user---authentication.php.html
Mark Trapp
2010-08-21 22:53:07
A:
There isn't a single/central validation code for user's input in Drupal. Each form as it own validations handlers, search for *_validate* in the Drupal API. In addition, there is some re-usable validation functions such as valid_url() and valid_email_address(). Drupal also encourage output sanitization with functions such as t(), check_plain() or filter_xss(). Drupal discourage bad-practive regarding SQL injection by favoring placeholders in query string, see db_query().
mongolito404
2010-08-22 08:05:39