Millar Posted October 23, 2006 Share Posted October 23, 2006 When cleaning any user inputted data, either via _GET or _POST, how should I clean it to make sure it's safe, what functions should it be put through to be 100% safe.Thanks in advanced.P.S, the data will be getting entered into a MySQL DB.. Quote Link to comment Share on other sites More sharing options...
Orio Posted October 23, 2006 Share Posted October 23, 2006 I am using this function to excape my strings in the best way.[code]<?phpfunction sql_quote($value) { if(get_magic_quotes_gpc()) {$value = stripslashes($value);} if(function_exists("mysql_real_escape_string")) {$value = mysql_real_escape_string($value);} else {$value = addslashes($value);} return $value;}?>[/code]Orio. Quote Link to comment Share on other sites More sharing options...
Millar Posted October 23, 2006 Author Share Posted October 23, 2006 Thanks! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.