How do I sanitize my inputs?

Matt Ridge · November 10, 2011

II have been told that I should sanitize my inputs, what does that mean?

Isn't that what trim does?

cypher86 · November 10, 2011

no trim delete the spaces at the beginning and at the end of a string.

sanitize means have your string escaped from special characters.

check this out:

string addslashes ( string $str )

xyph · November 10, 2011

Read the article in my signature, specifically about SQL injection.

You need to apply similar when you output HTML to avoid XSS attacks.

floridaflatlander · November 10, 2011

Different things do different things

strip_tags() removes things like <a>, </a>, <javascript> etc anything within tags <>

htmlentities() changes things into their html entity like & changes into &

int() makes sure everthing is a number

mysqli_real_escape_string() is the cats meow and turns every thing into a string

xyph · November 10, 2011

Different things do different things

strip_tags() removes things like <a>, </a>, <javascript> etc anything within tags <>

htmlentities() changes things into their html entity like & changes into &

int() makes sure everthing is a number

mysqli_real_escape_string() is the cats meow and turns every thing into a string

Disregard this post please.

Sign In

How do I sanitize my inputs?

Recommended Posts

Matt Ridge

Link to comment

Share on other sites

cypher86

Link to comment

Share on other sites

xyph

Link to comment

Share on other sites

floridaflatlander

Link to comment

Share on other sites

xyph

Link to comment

Share on other sites

Archived

Browse

Activity

Important Information