Jump to content


Photo

Validating User Input


  • Please log in to reply
1 reply to this topic

#1 spfoonnewb

spfoonnewb
  • Members
  • PipPipPip
  • Advanced Member
  • 276 posts

Posted 29 August 2006 - 10:50 PM

Validating user posted data:

I want to remove any HTML using: mysql_real_escape_string or strip_tags

I also want to remove invalid characters, ( - , ! , # , % , ^ , & , * , ( , ) , AND , OR , WHERE , etc.... )

This will be to prevent MySQL injection, can anyone help?

#2 hitman6003

hitman6003
  • Members
  • PipPipPip
  • Advanced Member
  • 1,807 posts

Posted 29 August 2006 - 11:06 PM

http://www.php.net/str_replace

Use an array of all the characters you want to replace for the first arguement.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users