Tuesday, 2 October 2012


bool mb_check_encoding ([ string $var = NULL [, string $encoding = mb_internal_encoding() ]] )
Check if the string is valid for the specified encoding
Checks if the specified byte stream is valid for the specified encoding. It is useful to prevent so-called "Invalid Encoding Attack".

The issue whereby mb_check_encoding($string,'UTF-8') falsely returns true for invalid UTF8 byte sequences was resolved somewhere between

PHP 5.2.0 and 5.2.6

The following equivalence seems to work in PHP 5.2.0 and 5.1.6

$valid_utf8 = (@iconv('UTF-8','UTF-8',$string) === $string);

 (with apologies for the @)

No comments:

Post a Comment