I use a simple PHP script to run an online comic which basically uses a GET to take an integer value n and insert an img tag for n.jpg. It doesn't do any sanitizing or error checking beyond making sure that n.jpg exists. The only user interaction with the script is through this GET, and another that does the same thing with a string to manually display a different template for testing.My question is, should I even be worrying about injection? And if so, what should I do to prevent it? Everything I've found so far only concerns MySQL injection, which doesn't apply in this case.
Should I worry about PHP injection if I don't use MySQL?
- Thread starter Hybred
- Start date