the previous one could allow a SQL injection, since the `opts.filetype` value came straight from the browser
this more precise regex match will not produce spurious matches (which were very unlikely, true, but still, let's be precise) (`video/movingimages` would have matched `%image%`!)
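The two points above, as an added example that is not this project's code: a query that splices the browser value into a `LIKE '%…%'` filter, next to one that allowlists the value and binds an anchored pattern as a parameter. Python with in-memory SQLite stands in for the project's stack, and the `files` table, its columns, the allowlist and the exact pattern are assumptions.

```python
import re
import sqlite3

# Constructed sample rows; the table and column names are assumptions.
ROWS = [("a.png", "image/png"), ("b.mp4", "video/mp4"), ("c.bin", "video/movingimages")]
ALLOWED_TYPES = {"image", "video", "audio"}  # hypothetical allowlist


def make_db():
    db = sqlite3.connect(":memory:")
    # SQLite evaluates "X REGEXP Y" by calling the user function regexp(Y, X).
    db.create_function("REGEXP", 2, lambda pat, val: int(re.search(pat, val or "") is not None))
    db.execute("CREATE TABLE files (name TEXT, mime TEXT)")
    db.executemany("INSERT INTO files VALUES (?, ?)", ROWS)
    return db


def find_unsafe(db, filetype):
    # "Before" shape: the browser value becomes part of the SQL text,
    # and the match is a loose substring test.
    sql = "SELECT name FROM files WHERE mime LIKE '%" + filetype + "%' ORDER BY name"
    return [row[0] for row in db.execute(sql)]


def find_safe(db, filetype):
    # Reject anything outside the allowlist, anchor the pattern to the
    # top-level MIME type, and pass it as a bound parameter.
    if filetype not in ALLOWED_TYPES:
        raise ValueError("unsupported filetype")
    pattern = "^" + re.escape(filetype) + "/"
    sql = "SELECT name FROM files WHERE mime REGEXP ? ORDER BY name"
    return [row[0] for row in db.execute(sql, (pattern,))]


if __name__ == "__main__":
    db = make_db()
    print(find_unsafe(db, "image"))  # substring match also returns c.bin
    print(find_safe(db, "image"))    # anchored match returns only a.png
    crafted = "x' OR mime LIKE '"    # constructed input that rewrites the WHERE clause
    print(find_unsafe(db, crafted))  # filter bypassed: every row comes back
    try:
        find_safe(db, crafted)
    except ValueError as exc:
        print("rejected:", exc)
```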