Jump to content


Photo

Cleaning Incoming


  • Please log in to reply
2 replies to this topic

#1 Millar

Millar
  • Members
  • PipPipPip
  • Advanced Member
  • 40 posts
  • LocationSouthampton, UK.

Posted 23 October 2006 - 07:30 AM

When cleaning any user inputted data, either via _GET or _POST, how should I clean it to make sure it's safe, what functions should it be put through to be 100% safe.

Thanks in advanced.

P.S, the data will be getting entered into a MySQL DB..

#2 Orio

Orio
  • Staff Alumni
  • Advanced Member
  • 2,491 posts

Posted 23 October 2006 - 07:34 AM

I am using this function to excape my strings in the best way.

<?php

function sql_quote($value) 
{

 if(get_magic_quotes_gpc())
 	{$value = stripslashes($value);}

 if(function_exists("mysql_real_escape_string"))
 	{$value = mysql_real_escape_string($value);} 
 else
 	{$value = addslashes($value);} 

 return $value;

}

?>

Orio.
Think you're smarty?

(Gone until 20 to November)

#3 Millar

Millar
  • Members
  • PipPipPip
  • Advanced Member
  • 40 posts
  • LocationSouthampton, UK.

Posted 23 October 2006 - 07:37 AM

Thanks!




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users