Jump to content

[SOLVED] function not working...


darkfreaks

Recommended Posts

any takers ???

 

<?php
if(get_magic_quotes_gpc())
{
//clean XSS/SQL injection
function clean_post($var) {

$var=strip_tags(trim(mysqli_real_escape_string($var)));
$var=htmlspecialchars($var,ENT_QUOTES);
return $var;
}

array_walk_recursive($_POST,'clean_post');
} 
?>

Link to comment
https://forums.phpfreaks.com/topic/136462-solved-function-not-working/
Share on other sites

<?php
if(get_magic_quotes_gpc())
{
//clean XSS/SQL injection
function clean_post(&$var) {

$var=strip_tags(trim(mysqli_real_escape_string($var)));
$var=htmlspecialchars($var,ENT_QUOTES);
}

array_walk_recursive($_POST,'clean_post');
} 
?>

Also, make sure get_magic_quotes_gpc() is not returning false.

It would probably be worth your time to read the php manual section for the mysqli_real_escape_string() function - http://us.php.net/manual/en/mysqli.real-escape-string.php

 

The procedural style usage requires the link identifier as the first parameter. The second parameter is the string. If you were developing php code and debugging php code on a system with error_reporting set to E_ALL and display_errors set to ON, there would have been an error reporting concerning the incorrect parameters that would have probably allowed you to solve at least that part of the problem yourself.

Modified with mysql instead of mysqli:

 

<?php

//clean XSS/SQL injection
function clean_post($var) {

$var=strip_tags(trim(mysql_real_escape_string($var)));
$var=htmlspecialchars($var,ENT_QUOTES);
return $var;
}

array_walk_recursive($_POST,'clean_post');

?>

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.