localhost Posted October 28, 2006 Share Posted October 28, 2006 I want to secure these two as best as possible, for $_POST I am using htmlspecialchars, and trim. I want to refrain from using addslashes/stripslashes.What else should I use? Quote Link to comment Share on other sites More sharing options...
.josh Posted October 28, 2006 Share Posted October 28, 2006 i know you said you wanted to refrain from using add/stripslashes, but this is what i use, and it's been okay thusfar:[code]function clean_var($value){ if (get_magic_quotes_gpc()) { stripslashes($value); } if (!is_numeric($value)) { mysql_real_escape_string($value); } return $value;}[/code] Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.