At the beginning of every php script, I loop through the possible POST and GET inputs, filter them properly, so later when I need an input, I can use my custom, safe, filtered variable, (which is an array, that holds POSTS and GETS) and I do not have to touch $_GET and $_POST.
If the variable is a hash-value, either a 40 character SHA1, or a 64 character Adobe Stratus ID, how do I recognise them?
I do not want the user, to post some nonsense data.
To test whether a string is a x length hash value or not:
$x = 40
$string = "inputstring";
$boolResult = (preg_match('/^[0-9a-f]{'$x'}$/i', $string) == true) ? true : false;