Millar Posted October 23, 2006 Share Posted October 23, 2006 When cleaning any user inputted data, either via _GET or _POST, how should I clean it to make sure it's safe, what functions should it be put through to be 100% safe.Thanks in advanced.P.S, the data will be getting entered into a MySQL DB.. Link to comment https://forums.phpfreaks.com/topic/24811-cleaning-incoming/ Share on other sites More sharing options...
Orio Posted October 23, 2006 Share Posted October 23, 2006 I am using this function to excape my strings in the best way.[code]<?phpfunction sql_quote($value) { if(get_magic_quotes_gpc()) {$value = stripslashes($value);} if(function_exists("mysql_real_escape_string")) {$value = mysql_real_escape_string($value);} else {$value = addslashes($value);} return $value;}?>[/code]Orio. Link to comment https://forums.phpfreaks.com/topic/24811-cleaning-incoming/#findComment-113010 Share on other sites More sharing options...
Millar Posted October 23, 2006 Author Share Posted October 23, 2006 Thanks! Link to comment https://forums.phpfreaks.com/topic/24811-cleaning-incoming/#findComment-113011 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.